hxxps://doccv[.]ru/A/AS[.]html

Resubmissions

19/08/2024, 15:44

240819-s6gy4swepj 1

19/08/2024, 15:42

240819-s5knlswekl 3

Analysis

max time kernel
75s
max time network
73s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
19/08/2024, 15:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://doccv.ru/A/AS.html

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133685557673785978"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
32	chrome.exe
32	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 32 wrote to memory of 4100	32	chrome.exe	93
PID 32 wrote to memory of 4100	32	chrome.exe	93
PID 32 wrote to memory of 4512	32	chrome.exe	94
PID 32 wrote to memory of 4512	32	chrome.exe	94
PID 32 wrote to memory of 4512	32	chrome.exe	94
PID 32 wrote to memory of 4512	32	chrome.exe	94
PID 32 wrote to memory of 4512	32	chrome.exe	94
PID 32 wrote to memory of 4512	32	chrome.exe	94
PID 32 wrote to memory of 4512	32	chrome.exe	94
PID 32 wrote to memory of 4512	32	chrome.exe	94
PID 32 wrote to memory of 4512	32	chrome.exe	94
PID 32 wrote to memory of 4512	32	chrome.exe	94
PID 32 wrote to memory of 4512	32	chrome.exe	94
PID 32 wrote to memory of 4512	32	chrome.exe	94
PID 32 wrote to memory of 4512	32	chrome.exe	94
PID 32 wrote to memory of 4512	32	chrome.exe	94
PID 32 wrote to memory of 4512	32	chrome.exe	94
PID 32 wrote to memory of 4512	32	chrome.exe	94
PID 32 wrote to memory of 4512	32	chrome.exe	94
PID 32 wrote to memory of 4512	32	chrome.exe	94
PID 32 wrote to memory of 4512	32	chrome.exe	94
PID 32 wrote to memory of 4512	32	chrome.exe	94
PID 32 wrote to memory of 4512	32	chrome.exe	94
PID 32 wrote to memory of 4512	32	chrome.exe	94
PID 32 wrote to memory of 4512	32	chrome.exe	94
PID 32 wrote to memory of 4512	32	chrome.exe	94
PID 32 wrote to memory of 4512	32	chrome.exe	94
PID 32 wrote to memory of 4512	32	chrome.exe	94
PID 32 wrote to memory of 4512	32	chrome.exe	94
PID 32 wrote to memory of 4512	32	chrome.exe	94
PID 32 wrote to memory of 4512	32	chrome.exe	94
PID 32 wrote to memory of 4512	32	chrome.exe	94
PID 32 wrote to memory of 3460	32	chrome.exe	95
PID 32 wrote to memory of 3460	32	chrome.exe	95
PID 32 wrote to memory of 4796	32	chrome.exe	96
PID 32 wrote to memory of 4796	32	chrome.exe	96
PID 32 wrote to memory of 4796	32	chrome.exe	96
PID 32 wrote to memory of 4796	32	chrome.exe	96
PID 32 wrote to memory of 4796	32	chrome.exe	96
PID 32 wrote to memory of 4796	32	chrome.exe	96
PID 32 wrote to memory of 4796	32	chrome.exe	96
PID 32 wrote to memory of 4796	32	chrome.exe	96
PID 32 wrote to memory of 4796	32	chrome.exe	96
PID 32 wrote to memory of 4796	32	chrome.exe	96
PID 32 wrote to memory of 4796	32	chrome.exe	96
PID 32 wrote to memory of 4796	32	chrome.exe	96
PID 32 wrote to memory of 4796	32	chrome.exe	96
PID 32 wrote to memory of 4796	32	chrome.exe	96
PID 32 wrote to memory of 4796	32	chrome.exe	96
PID 32 wrote to memory of 4796	32	chrome.exe	96
PID 32 wrote to memory of 4796	32	chrome.exe	96
PID 32 wrote to memory of 4796	32	chrome.exe	96
PID 32 wrote to memory of 4796	32	chrome.exe	96
PID 32 wrote to memory of 4796	32	chrome.exe	96
PID 32 wrote to memory of 4796	32	chrome.exe	96
PID 32 wrote to memory of 4796	32	chrome.exe	96
PID 32 wrote to memory of 4796	32	chrome.exe	96
PID 32 wrote to memory of 4796	32	chrome.exe	96
PID 32 wrote to memory of 4796	32	chrome.exe	96
PID 32 wrote to memory of 4796	32	chrome.exe	96
PID 32 wrote to memory of 4796	32	chrome.exe	96
PID 32 wrote to memory of 4796	32	chrome.exe	96
PID 32 wrote to memory of 4796	32	chrome.exe	96
PID 32 wrote to memory of 4796	32	chrome.exe	96

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://doccv.ru/A/AS.html
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:32
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffa3e61cc40,0x7ffa3e61cc4c,0x7ffa3e61cc58
  2⤵
  PID:4100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1900,i,388700781445005815,1584005625011451880,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1896 /prefetch:2
  2⤵
  PID:4512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1796,i,388700781445005815,1584005625011451880,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1956 /prefetch:3
  2⤵
  PID:3460
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2060,i,388700781445005815,1584005625011451880,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2084 /prefetch:8
  2⤵
  PID:4796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3116,i,388700781445005815,1584005625011451880,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3144 /prefetch:1
  2⤵
  PID:4008
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3108,i,388700781445005815,1584005625011451880,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3320 /prefetch:1
  2⤵
  PID:1620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3680,i,388700781445005815,1584005625011451880,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4488 /prefetch:1
  2⤵
  PID:4748
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4484,i,388700781445005815,1584005625011451880,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3508 /prefetch:1
  2⤵
  PID:920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=3436,i,388700781445005815,1584005625011451880,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4676 /prefetch:1
  2⤵
  PID:5016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4420,i,388700781445005815,1584005625011451880,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4884 /prefetch:8
  2⤵
  PID:2716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=3120,i,388700781445005815,1584005625011451880,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4632 /prefetch:1
  2⤵
  PID:2792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=728,i,388700781445005815,1584005625011451880,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4880 /prefetch:1
  2⤵
  PID:3584

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:1868

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:3736

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=3996,i,1729213506309163284,12809566808978835441,262144 --variations-seed-version --mojo-platform-channel-handle=4288 /prefetch:8
1⤵
PID:4548

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
b727f1e025aeda021867199b8b958a85

SHA1
536d402188ba96b03c0b90f429752a9abb85526a

SHA256
23e8a8b04345a71accedeb16a9b27e25d15de1c1de0b178d0cb4cc57f52586fe

SHA512
f572931076673314bd9e0845c7e9e97705d2b3f879da01edd52c8dadc88c4b77bfc3dc44aece7cc38e6e7164bb7298032755aed2e29e834d2088b1d5e9b1ce55

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
fff44ff1fc879839593243d8c7092e52

SHA1
4015a27d1efc9232c8db42e640bb3eef977fe9dc

SHA256
2859b052c01487df5938fdcf07bb937372fe8b7f604c8ef15ba36491fd742d16

SHA512
df4df00342f5928b850684ea6dd455233a1f168192e33a05d7e999fb6b4cb7c872eb8d0cf6decd33c2581150684ca366f1fb36199ad34aae6eefa2e2411f7989

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
9b081e135ed494079e50fa4e7386dadd

SHA1
30ca80ade7b968e14bd0b2970c40a1e6b0b4ee0a

SHA256
693f656bfc41bb6736908f2b399c53d4fea72277a041e4d658015f476c6df7a9

SHA512
52c730d6ab4b94976913e3c3b807c32440b7922542fd1e20aba160b322b464a2b26747570d16e0c6914d8bc31403f62f153282b04cc61f7eb5487aaebb271221

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
5e7cf8dc9e7084fe0f1ed8310fab3af5

SHA1
5ba144a2ad3cffa8ab8afc9626a6d5b6daa9d9e5

SHA256
57cf42ee12bde75b5f2053cc01c12c8bf65b681b42e3c1d0c5c8854c41edf799

SHA512
30ff4878d8546c5f9a5fd1bf19c055c361f9ac0f769ed85fb64f1195f946d124e0621d93ca0c1eb2c1394038a0b073f1a9b54eb268907a5d9528e245690c9b32

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
e184da95004de3cbbec7966ea2c25eea

SHA1
852b8e44184a617843f2e45bcfb4b4bab3191081

SHA256
0aec85fd786a866c48de946bd24c453a1da46b22b5457e88351ef8a6727e520f

SHA512
5ac9d921003efcfa922acbadbbb28be8699e9e102b72b4888e876ef98375072e7c9af878be9aaeea4c7200056766a67fb532af943b049e0c3b0a905c0edc1368

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
65979042f71bd07dd1ca65732d676f8e

SHA1
659e059b74e7775ee12b37aa7e9660c60e989668

SHA256
a4ed1785d665b54955bac24f5f55a671d7a011fc9aabfd5dfbbbc4f6af58c4b8

SHA512
2b2915a51ab6ca4e86921f12dcb0ded7142e6b0128223f14b84ffa615a10f849ff80a9fafd65fa2b7de4561727a77aa614dd4247c99d8e4279b9e634e3eb5b65

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
ca232e96f87df98049fbe4f5741faefe

SHA1
d4599bc8d380db71488f0e576f81b9b477a81527

SHA256
7d4dd07cbadf7b5960402139e0273f1e0bc447f6753c864db042c02e2b1c809b

SHA512
6565e4e9db0659453e230c6726c9f4671a0d5feeec5b7f68725a622bef7b4de4dc7da5f761ccb18dae2fc5c5f1ca1b790d5756a81d3acf1b25a1db542a4db67f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
1221d2e1c801b0dceaa0bb30fea87185

SHA1
0e82fb77b6d210e1d1886bc96ac8724ae9b0208f

SHA256
fd155e37da0b8570183259b3ab7a4e2235590913e2d56dc67a0c4f9c1eb61373

SHA512
09148faac9971f3e72af2a5527183c85a2e08a1c72f2bbbf7d5f086dcc77e014ee1b13d5a6725fc22eecad67c312029757c1b2959a4283241616dcee7d2f43c4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
4736f93463b19f0062b101a91cd6e4ff

SHA1
17a24a560fff471c36c70073fb63607a6739add3

SHA256
cd3b6b70b85da6ac5caa0b46d59aa2ecc813321f9a32ffaef2122f547911eb46

SHA512
2bbf8d6725d3d16332445eee325f338a92a5a48d3e176b2311589913d540538aadfa7766429e883e88307ea297fc6ff9b3defbf7601ea9c7e158aeaf2ff3a85e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
72b53281e8d8217f86a4ec1e15c55dc0

SHA1
f27efb89be0174d5a5c2cba2728e309e7d176fa1

SHA256
58698610993640bc5950585aba475bfc57677b1cf4eeff75d790604e257b06e2

SHA512
48b360fdf3ee35e4141039a025b5223effcb30c68695685ce1dc6e57d268e8a5177fe219d991d30f8cda7eae328d82f00c3731064437380cda54b266ea2d855a

Download Submit