hxxps://zfrmz[.]com/Rz3DJS3v6n5cZnG9kexC

Analysis

max time kernel
67s
max time network
69s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
23/08/2024, 20:39

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

https://zfrmz.com/Rz3DJS3v6n5cZnG9kexC

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133689192112304189"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
3664	chrome.exe
3664	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3664 wrote to memory of 1644	3664	chrome.exe	84
PID 3664 wrote to memory of 1644	3664	chrome.exe	84
PID 3664 wrote to memory of 4860	3664	chrome.exe	85
PID 3664 wrote to memory of 4860	3664	chrome.exe	85
PID 3664 wrote to memory of 4860	3664	chrome.exe	85
PID 3664 wrote to memory of 4860	3664	chrome.exe	85
PID 3664 wrote to memory of 4860	3664	chrome.exe	85
PID 3664 wrote to memory of 4860	3664	chrome.exe	85
PID 3664 wrote to memory of 4860	3664	chrome.exe	85
PID 3664 wrote to memory of 4860	3664	chrome.exe	85
PID 3664 wrote to memory of 4860	3664	chrome.exe	85
PID 3664 wrote to memory of 4860	3664	chrome.exe	85
PID 3664 wrote to memory of 4860	3664	chrome.exe	85
PID 3664 wrote to memory of 4860	3664	chrome.exe	85
PID 3664 wrote to memory of 4860	3664	chrome.exe	85
PID 3664 wrote to memory of 4860	3664	chrome.exe	85
PID 3664 wrote to memory of 4860	3664	chrome.exe	85
PID 3664 wrote to memory of 4860	3664	chrome.exe	85
PID 3664 wrote to memory of 4860	3664	chrome.exe	85
PID 3664 wrote to memory of 4860	3664	chrome.exe	85
PID 3664 wrote to memory of 4860	3664	chrome.exe	85
PID 3664 wrote to memory of 4860	3664	chrome.exe	85
PID 3664 wrote to memory of 4860	3664	chrome.exe	85
PID 3664 wrote to memory of 4860	3664	chrome.exe	85
PID 3664 wrote to memory of 4860	3664	chrome.exe	85
PID 3664 wrote to memory of 4860	3664	chrome.exe	85
PID 3664 wrote to memory of 4860	3664	chrome.exe	85
PID 3664 wrote to memory of 4860	3664	chrome.exe	85
PID 3664 wrote to memory of 4860	3664	chrome.exe	85
PID 3664 wrote to memory of 4860	3664	chrome.exe	85
PID 3664 wrote to memory of 4860	3664	chrome.exe	85
PID 3664 wrote to memory of 4860	3664	chrome.exe	85
PID 3664 wrote to memory of 5044	3664	chrome.exe	86
PID 3664 wrote to memory of 5044	3664	chrome.exe	86
PID 3664 wrote to memory of 4164	3664	chrome.exe	87
PID 3664 wrote to memory of 4164	3664	chrome.exe	87
PID 3664 wrote to memory of 4164	3664	chrome.exe	87
PID 3664 wrote to memory of 4164	3664	chrome.exe	87
PID 3664 wrote to memory of 4164	3664	chrome.exe	87
PID 3664 wrote to memory of 4164	3664	chrome.exe	87
PID 3664 wrote to memory of 4164	3664	chrome.exe	87
PID 3664 wrote to memory of 4164	3664	chrome.exe	87
PID 3664 wrote to memory of 4164	3664	chrome.exe	87
PID 3664 wrote to memory of 4164	3664	chrome.exe	87
PID 3664 wrote to memory of 4164	3664	chrome.exe	87
PID 3664 wrote to memory of 4164	3664	chrome.exe	87
PID 3664 wrote to memory of 4164	3664	chrome.exe	87
PID 3664 wrote to memory of 4164	3664	chrome.exe	87
PID 3664 wrote to memory of 4164	3664	chrome.exe	87
PID 3664 wrote to memory of 4164	3664	chrome.exe	87
PID 3664 wrote to memory of 4164	3664	chrome.exe	87
PID 3664 wrote to memory of 4164	3664	chrome.exe	87
PID 3664 wrote to memory of 4164	3664	chrome.exe	87
PID 3664 wrote to memory of 4164	3664	chrome.exe	87
PID 3664 wrote to memory of 4164	3664	chrome.exe	87
PID 3664 wrote to memory of 4164	3664	chrome.exe	87
PID 3664 wrote to memory of 4164	3664	chrome.exe	87
PID 3664 wrote to memory of 4164	3664	chrome.exe	87
PID 3664 wrote to memory of 4164	3664	chrome.exe	87
PID 3664 wrote to memory of 4164	3664	chrome.exe	87
PID 3664 wrote to memory of 4164	3664	chrome.exe	87
PID 3664 wrote to memory of 4164	3664	chrome.exe	87
PID 3664 wrote to memory of 4164	3664	chrome.exe	87
PID 3664 wrote to memory of 4164	3664	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://zfrmz.com/Rz3DJS3v6n5cZnG9kexC
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffd4907cc40,0x7ffd4907cc4c,0x7ffd4907cc58
  2⤵
  PID:1644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1936,i,4865138417224002679,1634970348603795681,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1924 /prefetch:2
  2⤵
  PID:4860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2128,i,4865138417224002679,1634970348603795681,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2172 /prefetch:3
  2⤵
  PID:5044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2236,i,4865138417224002679,1634970348603795681,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2416 /prefetch:8
  2⤵
  PID:4164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3108,i,4865138417224002679,1634970348603795681,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3136 /prefetch:1
  2⤵
  PID:216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3124,i,4865138417224002679,1634970348603795681,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3320 /prefetch:1
  2⤵
  PID:2984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4316,i,4865138417224002679,1634970348603795681,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4516 /prefetch:1
  2⤵
  PID:4048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4820,i,4865138417224002679,1634970348603795681,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4828 /prefetch:8
  2⤵
  PID:4360
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4816,i,4865138417224002679,1634970348603795681,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=208 /prefetch:1
  2⤵
  PID:4384
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=3472,i,4865138417224002679,1634970348603795681,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3496 /prefetch:1
  2⤵
  PID:3376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=3444,i,4865138417224002679,1634970348603795681,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3684 /prefetch:1
  2⤵
  PID:1988

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:2752

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:3380

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
3f12aa9cb8303540c32d1758226f630a

SHA1
fe2a8807931206af3b153cc28fa9e9bcbafe10de

SHA256
7edcc43299f44e814b51b78864a6d125e16115794e40b5de78518f9a29690137

SHA512
ce3a07ff33dfde5805ed47abfabf0e8ca5eaf69ec563b0598cac61852d5b3e67ffcc0476c15be990495a7d510315f9642690ebcad29ea4ea89684d134a253911

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
5f6e32082af7c937207b52cbed78c543

SHA1
61a5bd361d10e5214d35d37fd51a946d6bda70df

SHA256
e8943739d62ad43c88fc85f1d0d027dea53f7380d8bacffff1ba1ba1c83a62f8

SHA512
db184f19610b94afca139a5e57ab0f8aed1fc50c006f9de956897cd008f93c238ae6e321ec8f5b409a913eabe6e6397b924449f65c1845f3abc7c4cadd868503

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
b343ec17a2c7925e2b9352e3cd0282d4

SHA1
0e1f332c35f562c41ec81a05f7050d8a4191b06d

SHA256
1488f50f74d13b57d3fd6f571597f72c98ca7674253a315b9fac45abc960b9a2

SHA512
720ff2606235ef01cb097fad2b72e6d29f7f103fd78c0ec8c5855d4185a6f0e8ea6e0991fda9e0031e840d7e4ec1a857d9ed82f13034ba0558b9c90ecb39c130

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1018B

MD5
1595b514b6249ef1798dc0f15cb42164

SHA1
6dbbd7661f9e97429091897644551a0ece67997d

SHA256
09d4355de37085a09cdbf6cc3bd650689c18afb18dba84eb6116be96c1d2b064

SHA512
12c35b48c5b792964859ff3e4c9ac1676166495691e3b69b6f6eb9457ad50025d887308bbd7399f57d1bee68e4462f8fa01df12a7ef748685d20ed8ced872818

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
a8ab6dabcc0b6d847fb60a129164a9ea

SHA1
8de52e2392d5669ef86805aaa45d14507804732d

SHA256
3a1883fdc99253f3737042a3326452f67ced0c84ca6397eb826494b0425e9093

SHA512
3137fd259f75b02985d40e31dc93db0b8239bf3bbc757254499c5b50631b63f76018972a57c730bdd6780d22ef645472ac36e9fdccaf689053fb1838d564edf8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
8619f4e5e94d0125f731a9f0ec33e7fa

SHA1
12fb0989bc57dd10a995f4b62f2a254a323e7a22

SHA256
af9fa495d5cb28280b2ee036e0448429baccfe1c52f02679d0371a3a961d46c5

SHA512
4ff0a0ce1aaf308ebc88bb7036b6c60233c1a293128a5727ab8c8ba419cd067739ad7f431e855ae390d6317d461e3bf8bd2a07f854da3f1911265de1d519bd6d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
bf4531a3fdacd732892047ddf80f0dc0

SHA1
e5ab3ee83ac19f457afb696e5ebd3d258248cf33

SHA256
b3cc3be6688275aeeb4fc30bb225373cdfafeecdc0adcd0fae95ac2cb2eb46a8

SHA512
f8f4c5ad3c2414619e5eaa89108fd11f6517bc6ebd3af4688033b5095c17b23df29bcdbc39830f8f33b3bd4d22c9930d68f99a500c9f0572d9b8027705452c78

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
96fa89004a0c05e48734e9e416afd8ea

SHA1
92cae01e1710eb6ad3470caaeb89eefa74980fde

SHA256
ac9bf2c57f45482dd64e4eac9d11e379a7ee7168446bd588a65afb0d271864a4

SHA512
5bd3cf976ca6a74347c59c6ff3ab35f5a7b28a569459d0b8dea63909301ffeeb2a09ec4981520030676a805b34af3c79ed9631602effb43527bae10ac33df896

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
7387bac21035927fb18f9087bacffd06

SHA1
c2ffcb259899f41b55163acfa4f454b63ec2cbbb

SHA256
29a15bd83eb1cc7d256b079cc0969cd9075a9ba903c12935faecd83ba7d434e4

SHA512
8f7bd0a359d59223a284d41c62a7f122e384d30d7d3335ee8c902c268b6f8e286aedc2645844c14b054267203227200d7d30a6ef52bcf082c7fec2ab2e5265b4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
7af3921b16113f4d0a0088b5a1de7736

SHA1
52a563be1471f136bc8157e06ebdeacdd227c672

SHA256
a3de9f413e1888ff51d4628b6c849f59d31cea7cd05d44581b3cd0e2e7b0aa0c

SHA512
2253f15d9286828a3736a7f8dbeffb15bf55b67f17b4a70026fc1662234794a6ebde0c2e0a31bacf6a6ae889568f199848f5211f0cf1ffd8783545eac26ba428

Download Submit