5b3ca9abb393dff15ed3a05955a246cdbc39aba8164da84764574d30e95d0d08

Analysis

max time kernel
93s
max time network
93s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
20/08/2024, 03:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

sample.js
Size

77KB
MD5

5e648a49d9702ea57ef19bd0fa8d817b
SHA1

be73d796e047326ff556091146df69c4ec877eb0
SHA256

5b3ca9abb393dff15ed3a05955a246cdbc39aba8164da84764574d30e95d0d08
SHA512

4d55c88c8bf734aaa7df919236758aee1436babf75e3eda79fa2d503a2d384fa5eed462740c4e776f0c18d17a494b7a8ffd5e52ea2428cfa732f01cb501e36f1
SSDEEP

1536:i6QJFLCSwNie4v4ehNFZuSuWtWWxRadScejN+GkXWaEKjp/6apc3qsCE6ZJsnfJB:NQJFLxwQ3adScejN+GkXWaEKjp/6apc9

Score

3^/10

discovery execution

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217
Command and Scripting Interpreter: JavaScript 1 TTPs
execution

JavaScript
T1059.007

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133685983727942958"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
4412	chrome.exe
4412	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4412	chrome.exe
Token: SeCreatePagefilePrivilege	4412	chrome.exe
Token: SeShutdownPrivilege	4412	chrome.exe
Token: SeCreatePagefilePrivilege	4412	chrome.exe
Token: SeShutdownPrivilege	4412	chrome.exe
Token: SeCreatePagefilePrivilege	4412	chrome.exe
Token: SeShutdownPrivilege	4412	chrome.exe
Token: SeCreatePagefilePrivilege	4412	chrome.exe
Token: SeShutdownPrivilege	4412	chrome.exe
Token: SeCreatePagefilePrivilege	4412	chrome.exe
Token: SeShutdownPrivilege	4412	chrome.exe
Token: SeCreatePagefilePrivilege	4412	chrome.exe
Token: SeShutdownPrivilege	4412	chrome.exe
Token: SeCreatePagefilePrivilege	4412	chrome.exe
Token: SeShutdownPrivilege	4412	chrome.exe
Token: SeCreatePagefilePrivilege	4412	chrome.exe
Token: SeShutdownPrivilege	4412	chrome.exe
Token: SeCreatePagefilePrivilege	4412	chrome.exe
Token: SeShutdownPrivilege	4412	chrome.exe
Token: SeCreatePagefilePrivilege	4412	chrome.exe
Token: SeShutdownPrivilege	4412	chrome.exe
Token: SeCreatePagefilePrivilege	4412	chrome.exe
Token: SeShutdownPrivilege	4412	chrome.exe
Token: SeCreatePagefilePrivilege	4412	chrome.exe
Token: SeShutdownPrivilege	4412	chrome.exe
Token: SeCreatePagefilePrivilege	4412	chrome.exe
Token: SeShutdownPrivilege	4412	chrome.exe
Token: SeCreatePagefilePrivilege	4412	chrome.exe
Token: SeShutdownPrivilege	4412	chrome.exe
Token: SeCreatePagefilePrivilege	4412	chrome.exe
Token: SeShutdownPrivilege	4412	chrome.exe
Token: SeCreatePagefilePrivilege	4412	chrome.exe
Token: SeShutdownPrivilege	4412	chrome.exe
Token: SeCreatePagefilePrivilege	4412	chrome.exe
Token: SeShutdownPrivilege	4412	chrome.exe
Token: SeCreatePagefilePrivilege	4412	chrome.exe
Token: SeShutdownPrivilege	4412	chrome.exe
Token: SeCreatePagefilePrivilege	4412	chrome.exe
Token: SeShutdownPrivilege	4412	chrome.exe
Token: SeCreatePagefilePrivilege	4412	chrome.exe
Token: SeShutdownPrivilege	4412	chrome.exe
Token: SeCreatePagefilePrivilege	4412	chrome.exe
Token: SeShutdownPrivilege	4412	chrome.exe
Token: SeCreatePagefilePrivilege	4412	chrome.exe
Token: SeShutdownPrivilege	4412	chrome.exe
Token: SeCreatePagefilePrivilege	4412	chrome.exe
Token: SeShutdownPrivilege	4412	chrome.exe
Token: SeCreatePagefilePrivilege	4412	chrome.exe
Token: SeShutdownPrivilege	4412	chrome.exe
Token: SeCreatePagefilePrivilege	4412	chrome.exe
Token: SeShutdownPrivilege	4412	chrome.exe
Token: SeCreatePagefilePrivilege	4412	chrome.exe
Token: SeShutdownPrivilege	4412	chrome.exe
Token: SeCreatePagefilePrivilege	4412	chrome.exe
Token: SeShutdownPrivilege	4412	chrome.exe
Token: SeCreatePagefilePrivilege	4412	chrome.exe
Token: SeShutdownPrivilege	4412	chrome.exe
Token: SeCreatePagefilePrivilege	4412	chrome.exe
Token: SeShutdownPrivilege	4412	chrome.exe
Token: SeCreatePagefilePrivilege	4412	chrome.exe
Token: SeShutdownPrivilege	4412	chrome.exe
Token: SeCreatePagefilePrivilege	4412	chrome.exe
Token: SeShutdownPrivilege	4412	chrome.exe
Token: SeCreatePagefilePrivilege	4412	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe
4412	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4412 wrote to memory of 532	4412	chrome.exe	97
PID 4412 wrote to memory of 532	4412	chrome.exe	97
PID 4412 wrote to memory of 2080	4412	chrome.exe	98
PID 4412 wrote to memory of 2080	4412	chrome.exe	98
PID 4412 wrote to memory of 2080	4412	chrome.exe	98
PID 4412 wrote to memory of 2080	4412	chrome.exe	98
PID 4412 wrote to memory of 2080	4412	chrome.exe	98
PID 4412 wrote to memory of 2080	4412	chrome.exe	98
PID 4412 wrote to memory of 2080	4412	chrome.exe	98
PID 4412 wrote to memory of 2080	4412	chrome.exe	98
PID 4412 wrote to memory of 2080	4412	chrome.exe	98
PID 4412 wrote to memory of 2080	4412	chrome.exe	98
PID 4412 wrote to memory of 2080	4412	chrome.exe	98
PID 4412 wrote to memory of 2080	4412	chrome.exe	98
PID 4412 wrote to memory of 2080	4412	chrome.exe	98
PID 4412 wrote to memory of 2080	4412	chrome.exe	98
PID 4412 wrote to memory of 2080	4412	chrome.exe	98
PID 4412 wrote to memory of 2080	4412	chrome.exe	98
PID 4412 wrote to memory of 2080	4412	chrome.exe	98
PID 4412 wrote to memory of 2080	4412	chrome.exe	98
PID 4412 wrote to memory of 2080	4412	chrome.exe	98
PID 4412 wrote to memory of 2080	4412	chrome.exe	98
PID 4412 wrote to memory of 2080	4412	chrome.exe	98
PID 4412 wrote to memory of 2080	4412	chrome.exe	98
PID 4412 wrote to memory of 2080	4412	chrome.exe	98
PID 4412 wrote to memory of 2080	4412	chrome.exe	98
PID 4412 wrote to memory of 2080	4412	chrome.exe	98
PID 4412 wrote to memory of 2080	4412	chrome.exe	98
PID 4412 wrote to memory of 2080	4412	chrome.exe	98
PID 4412 wrote to memory of 2080	4412	chrome.exe	98
PID 4412 wrote to memory of 2080	4412	chrome.exe	98
PID 4412 wrote to memory of 2080	4412	chrome.exe	98
PID 4412 wrote to memory of 2584	4412	chrome.exe	99
PID 4412 wrote to memory of 2584	4412	chrome.exe	99
PID 4412 wrote to memory of 4828	4412	chrome.exe	100
PID 4412 wrote to memory of 4828	4412	chrome.exe	100
PID 4412 wrote to memory of 4828	4412	chrome.exe	100
PID 4412 wrote to memory of 4828	4412	chrome.exe	100
PID 4412 wrote to memory of 4828	4412	chrome.exe	100
PID 4412 wrote to memory of 4828	4412	chrome.exe	100
PID 4412 wrote to memory of 4828	4412	chrome.exe	100
PID 4412 wrote to memory of 4828	4412	chrome.exe	100
PID 4412 wrote to memory of 4828	4412	chrome.exe	100
PID 4412 wrote to memory of 4828	4412	chrome.exe	100
PID 4412 wrote to memory of 4828	4412	chrome.exe	100
PID 4412 wrote to memory of 4828	4412	chrome.exe	100
PID 4412 wrote to memory of 4828	4412	chrome.exe	100
PID 4412 wrote to memory of 4828	4412	chrome.exe	100
PID 4412 wrote to memory of 4828	4412	chrome.exe	100
PID 4412 wrote to memory of 4828	4412	chrome.exe	100
PID 4412 wrote to memory of 4828	4412	chrome.exe	100
PID 4412 wrote to memory of 4828	4412	chrome.exe	100
PID 4412 wrote to memory of 4828	4412	chrome.exe	100
PID 4412 wrote to memory of 4828	4412	chrome.exe	100
PID 4412 wrote to memory of 4828	4412	chrome.exe	100
PID 4412 wrote to memory of 4828	4412	chrome.exe	100
PID 4412 wrote to memory of 4828	4412	chrome.exe	100
PID 4412 wrote to memory of 4828	4412	chrome.exe	100
PID 4412 wrote to memory of 4828	4412	chrome.exe	100
PID 4412 wrote to memory of 4828	4412	chrome.exe	100
PID 4412 wrote to memory of 4828	4412	chrome.exe	100
PID 4412 wrote to memory of 4828	4412	chrome.exe	100
PID 4412 wrote to memory of 4828	4412	chrome.exe	100
PID 4412 wrote to memory of 4828	4412	chrome.exe	100

C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\sample.js
1⤵
PID:4428

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffecb14cc40,0x7ffecb14cc4c,0x7ffecb14cc58
  2⤵
  PID:532
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1964,i,1635691753422612350,8034234936385808416,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1956 /prefetch:2
  2⤵
  PID:2080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2088,i,1635691753422612350,8034234936385808416,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2156 /prefetch:3
  2⤵
  PID:2584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2304,i,1635691753422612350,8034234936385808416,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2268 /prefetch:8
  2⤵
  PID:4828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3204,i,1635691753422612350,8034234936385808416,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3228 /prefetch:1
  2⤵
  PID:4264
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3316,i,1635691753422612350,8034234936385808416,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3308 /prefetch:1
  2⤵
  PID:8
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4624,i,1635691753422612350,8034234936385808416,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4652 /prefetch:1
  2⤵
  PID:2596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4408,i,1635691753422612350,8034234936385808416,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4640 /prefetch:1
  2⤵
  PID:876
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3396,i,1635691753422612350,8034234936385808416,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4976 /prefetch:8
  2⤵
  PID:3664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3556,i,1635691753422612350,8034234936385808416,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3532 /prefetch:8
  2⤵
  PID:4920

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:1972

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:2196

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
5e40cdb8bdf316844f266f1ebe0546dc

SHA1
73395d5343cef52bf602189973f423f580b6bc3a

SHA256
30429de84361edfc7908ff55080f57084ac6258c1f6267dd4cc7ab8610f9396e

SHA512
a9ff76103745e4d3dfe5e29f790900a8901945efa44126a3fdd0243a4f90856fb3c668bbe52e9a7f231987a21a17dea03855a14f78c76cd3df30c95351f6a51c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
209KB

MD5
3e552d017d45f8fd93b94cfc86f842f2

SHA1
dbeebe83854328e2575ff67259e3fb6704b17a47

SHA256
27d9c4613df7a3c04da0b79c13217aa69992b441acb7e44bf2a7578ca87d97d6

SHA512
e616436f2f15615429c7c5c37de3990c3e86c5e1da7d75a0f524fc458b75d44a5be1a3648a628d63e1cf8aa062e08b538f2f2bc9c6a0b42157beb24f82c571d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
3d488338c2d335d7ebcbd1571a0d389c

SHA1
e81c7708a8be07323791ffe9e841179945fa2001

SHA256
1c358db74ef9ec35c03d2d44f7d6f8afe2ba43c9bb4489c03bd1d67a71c6fcf7

SHA512
803463a473c5e7c09b0d0a37601161cc328c7dd6e9090cd156040d96eb2829195ad15969b08c3e3999f6c78bec4bd8221c8f07827f4c5dde8c9a07fcc65e748c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\19981bac-e047-4455-aff1-92a269402c7c.tmp

Filesize
356B

MD5
4733ead4bc18fa6300ab01999c2f146d

SHA1
f0ac62db916a0cfc65cfbdf7269ac829b2ab39dc

SHA256
cd5bb69651a598649c655b384b9117287759f2de3558d9a100e1d265a7eaf3aa

SHA512
818a6a6b551a88d67fc259f5f1629160e23a90b8d30678bcf3dabaad8fdd09061c0588b9c5d857a1f8675380a575bc7331dfdc4033dfd9bc190e3a0ee4937c6f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
2a17af086ec014ab7b6290470656e404

SHA1
e23affc0f6a2661f77d7c9ea3001f98bb38d1c49

SHA256
3898b11b460c0fb61b1480f12e22ea33a3e2d308a1e526740660aab742457430

SHA512
116a40dfc73dd6a828b2b3e82bc66c43c4cbceecceaf95e7fb509f8d36c7a00d919381e0e6a07dadb10adffff7b590819753ea9b076e11dd9a6e20d4e5f864ec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
ceccc7c6ae2546725ccc4496baf0ef12

SHA1
afd5fb88a9d5c689f36d8aefef11641c1adde0f4

SHA256
3eb4949c01ff0bc3befb7fe61c8cc7b01a7de24de5e06c31490e0641827aea49

SHA512
7ff5153add7da58e696814b56271f8c4732d9df9582d257d9421b24ab816a0a577e4a61d91494356b893e5d32202394e486ac38e67cae744d747a4351c773fdd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
2821396607c03dbb7783e77baba9aa01

SHA1
381ee4ef1eeeda13f05679c6cd7d857faafcb725

SHA256
5c2279efa1af9493b9d9ba90b26b062e9fb9946bc0ec9a203decc845c6d5cb63

SHA512
bf2e6230a67358cbc102a7f3acc7e14802fa4f3645727936988716118bd6a11566d17e9a4251b1fae4e272c6daf911d16b8298711bfb883cce85cd4e8e31e8fa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
d406d5d5f04e9fd1ae8a47a5566fcb12

SHA1
0d0dc18f042e309a044353fec3aa5275699e5580

SHA256
d2091d0ccf5a04fcf58680921393996ccc47f6a7e3967df131e57ba48eea81ed

SHA512
48cc430b1bcaea00cc88bb7888edb3427ebb658f64fd17722c9e0f482e78696d83a86cc7b9f9a3a063b2ff44424ea8716ce4fdb2af4096c15aef962d3abc7200

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
b465687125b14b2e74fbb17d6a328a9b

SHA1
7ff1e36a1b4036e7affef415073fa005d734305a

SHA256
db01c7f6b02a7ca758b6f3b235f69e134b72f0b5168b50214a4d230b7b835622

SHA512
76ef4792fedbe82490434a4d946cf455740b115006254ea54254c03ab5bbe7a4cae4605a8ae4472795a2b067d5d59c842b5929ffaa262427f6eb80285af03bb1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
f77b3a0f6f96b3a4e8b2fa73d62907c0

SHA1
ee03415fe563ea20133e3ed4bb944d2a3c0fcda0

SHA256
571a28c400a46457ad1060206b579dd65fa61f263379cb085e1d94158a2e7476

SHA512
62084fedd40138a36421630fbb4ea8fd54f27bb95f971f681795fb609f56f0c53aae7e5cef3e65df59f82ceeae355910e7144fae43f8288672b37e1fd32ade79

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
91d01ce01fee6acef52f324ae46815a1

SHA1
c25c03b520ddb033651eeffb901c04aa8ceeedfb

SHA256
c7aa5ee31c27f649663cfb4d978bc3a23f8e02c98dbc8c26e2acf9ad87e459dd

SHA512
7f9d6f370f94302155b6047548467e49505f622a1e36c43b31957cd25efa4e004052050198a8db564ad79ae4bab404636dd0cc31f83efaafe65dfa98a98df542

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
199KB

MD5
173cab4c2b86e0f8592c5bac84d9f9f4

SHA1
631ab4160d24948d549836cc6de35f089750cd13

SHA256
c653cc5b69a7b549cc1006ddc39cd25f89b22061aabd20e4356156b3c8a9d1b3

SHA512
3fa81bbce2a48b409db495a85cb17138419e0dd39c919c2bc8ca76af5c56075a44e46deb762f93970d03fdd01b8634057832231c8716862956f9b4305b6cda42

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
199KB

MD5
0c00a23f2c89e72e60483304680d6df2

SHA1
d3466f3d43024a046a38444dc2b98a4e7a5ec5d7

SHA256
afa2b787ba32d46bee25f3194d209bab0e5e5e24839e84a9afe161198d92f13f

SHA512
8538e8779fdba9d34eb605b7ab3a26e34ac17cb90af0aefd48cdd0acc5ceae242459637a2b2ae627ad0df67994dfbde0d088ae62c5017f5851655db46c8c5272

Download Submit