hxxp://youareanidiot[.]cc

Resubmissions

24/08/2024, 22:59

240824-2yqeyswdnn 3

24/08/2024, 22:51

24/08/2024, 22:48

24/08/2024, 22:44

24/08/2024, 22:43

24/08/2024, 22:41

24/08/2024, 22:38

Analysis

max time kernel
44s
max time network
50s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
24/08/2024, 22:51

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://youareanidiot.cc

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133690135177555358"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
3572	chrome.exe
3572	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3572	chrome.exe
Token: SeCreatePagefilePrivilege	3572	chrome.exe
Token: SeShutdownPrivilege	3572	chrome.exe
Token: SeCreatePagefilePrivilege	3572	chrome.exe
Token: SeShutdownPrivilege	3572	chrome.exe
Token: SeCreatePagefilePrivilege	3572	chrome.exe
Token: SeShutdownPrivilege	3572	chrome.exe
Token: SeCreatePagefilePrivilege	3572	chrome.exe
Token: SeShutdownPrivilege	3572	chrome.exe
Token: SeCreatePagefilePrivilege	3572	chrome.exe
Token: SeShutdownPrivilege	3572	chrome.exe
Token: SeCreatePagefilePrivilege	3572	chrome.exe
Token: SeShutdownPrivilege	3572	chrome.exe
Token: SeCreatePagefilePrivilege	3572	chrome.exe
Token: SeShutdownPrivilege	3572	chrome.exe
Token: SeCreatePagefilePrivilege	3572	chrome.exe
Token: SeShutdownPrivilege	3572	chrome.exe
Token: SeCreatePagefilePrivilege	3572	chrome.exe
Token: SeShutdownPrivilege	3572	chrome.exe
Token: SeCreatePagefilePrivilege	3572	chrome.exe
Token: 33	760	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	760	AUDIODG.EXE
Token: SeShutdownPrivilege	3572	chrome.exe
Token: SeCreatePagefilePrivilege	3572	chrome.exe
Token: SeShutdownPrivilege	3572	chrome.exe
Token: SeCreatePagefilePrivilege	3572	chrome.exe
Token: SeShutdownPrivilege	3572	chrome.exe
Token: SeCreatePagefilePrivilege	3572	chrome.exe
Token: SeShutdownPrivilege	3572	chrome.exe
Token: SeCreatePagefilePrivilege	3572	chrome.exe
Token: SeShutdownPrivilege	3572	chrome.exe
Token: SeCreatePagefilePrivilege	3572	chrome.exe
Token: SeShutdownPrivilege	3572	chrome.exe
Token: SeCreatePagefilePrivilege	3572	chrome.exe
Token: SeShutdownPrivilege	3572	chrome.exe
Token: SeCreatePagefilePrivilege	3572	chrome.exe
Token: SeShutdownPrivilege	3572	chrome.exe
Token: SeCreatePagefilePrivilege	3572	chrome.exe
Token: SeShutdownPrivilege	3572	chrome.exe
Token: SeCreatePagefilePrivilege	3572	chrome.exe
Token: SeShutdownPrivilege	3572	chrome.exe
Token: SeCreatePagefilePrivilege	3572	chrome.exe
Token: SeShutdownPrivilege	3572	chrome.exe
Token: SeCreatePagefilePrivilege	3572	chrome.exe
Token: SeShutdownPrivilege	3572	chrome.exe
Token: SeCreatePagefilePrivilege	3572	chrome.exe
Token: SeShutdownPrivilege	3572	chrome.exe
Token: SeCreatePagefilePrivilege	3572	chrome.exe
Token: SeShutdownPrivilege	3572	chrome.exe
Token: SeCreatePagefilePrivilege	3572	chrome.exe
Token: SeShutdownPrivilege	3572	chrome.exe
Token: SeCreatePagefilePrivilege	3572	chrome.exe
Token: SeShutdownPrivilege	3572	chrome.exe
Token: SeCreatePagefilePrivilege	3572	chrome.exe
Token: SeShutdownPrivilege	3572	chrome.exe
Token: SeCreatePagefilePrivilege	3572	chrome.exe
Token: SeShutdownPrivilege	3572	chrome.exe
Token: SeCreatePagefilePrivilege	3572	chrome.exe
Token: SeShutdownPrivilege	3572	chrome.exe
Token: SeCreatePagefilePrivilege	3572	chrome.exe
Token: SeShutdownPrivilege	3572	chrome.exe
Token: SeCreatePagefilePrivilege	3572	chrome.exe
Token: SeShutdownPrivilege	3572	chrome.exe
Token: SeCreatePagefilePrivilege	3572	chrome.exe

Suspicious use of FindShellTrayWindow 39 IoCs

pid	Process
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe
3572	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3572 wrote to memory of 3112	3572	chrome.exe	84
PID 3572 wrote to memory of 3112	3572	chrome.exe	84
PID 3572 wrote to memory of 2612	3572	chrome.exe	85
PID 3572 wrote to memory of 2612	3572	chrome.exe	85
PID 3572 wrote to memory of 2612	3572	chrome.exe	85
PID 3572 wrote to memory of 2612	3572	chrome.exe	85
PID 3572 wrote to memory of 2612	3572	chrome.exe	85
PID 3572 wrote to memory of 2612	3572	chrome.exe	85
PID 3572 wrote to memory of 2612	3572	chrome.exe	85
PID 3572 wrote to memory of 2612	3572	chrome.exe	85
PID 3572 wrote to memory of 2612	3572	chrome.exe	85
PID 3572 wrote to memory of 2612	3572	chrome.exe	85
PID 3572 wrote to memory of 2612	3572	chrome.exe	85
PID 3572 wrote to memory of 2612	3572	chrome.exe	85
PID 3572 wrote to memory of 2612	3572	chrome.exe	85
PID 3572 wrote to memory of 2612	3572	chrome.exe	85
PID 3572 wrote to memory of 2612	3572	chrome.exe	85
PID 3572 wrote to memory of 2612	3572	chrome.exe	85
PID 3572 wrote to memory of 2612	3572	chrome.exe	85
PID 3572 wrote to memory of 2612	3572	chrome.exe	85
PID 3572 wrote to memory of 2612	3572	chrome.exe	85
PID 3572 wrote to memory of 2612	3572	chrome.exe	85
PID 3572 wrote to memory of 2612	3572	chrome.exe	85
PID 3572 wrote to memory of 2612	3572	chrome.exe	85
PID 3572 wrote to memory of 2612	3572	chrome.exe	85
PID 3572 wrote to memory of 2612	3572	chrome.exe	85
PID 3572 wrote to memory of 2612	3572	chrome.exe	85
PID 3572 wrote to memory of 2612	3572	chrome.exe	85
PID 3572 wrote to memory of 2612	3572	chrome.exe	85
PID 3572 wrote to memory of 2612	3572	chrome.exe	85
PID 3572 wrote to memory of 2612	3572	chrome.exe	85
PID 3572 wrote to memory of 2612	3572	chrome.exe	85
PID 3572 wrote to memory of 3240	3572	chrome.exe	86
PID 3572 wrote to memory of 3240	3572	chrome.exe	86
PID 3572 wrote to memory of 1824	3572	chrome.exe	87
PID 3572 wrote to memory of 1824	3572	chrome.exe	87
PID 3572 wrote to memory of 1824	3572	chrome.exe	87
PID 3572 wrote to memory of 1824	3572	chrome.exe	87
PID 3572 wrote to memory of 1824	3572	chrome.exe	87
PID 3572 wrote to memory of 1824	3572	chrome.exe	87
PID 3572 wrote to memory of 1824	3572	chrome.exe	87
PID 3572 wrote to memory of 1824	3572	chrome.exe	87
PID 3572 wrote to memory of 1824	3572	chrome.exe	87
PID 3572 wrote to memory of 1824	3572	chrome.exe	87
PID 3572 wrote to memory of 1824	3572	chrome.exe	87
PID 3572 wrote to memory of 1824	3572	chrome.exe	87
PID 3572 wrote to memory of 1824	3572	chrome.exe	87
PID 3572 wrote to memory of 1824	3572	chrome.exe	87
PID 3572 wrote to memory of 1824	3572	chrome.exe	87
PID 3572 wrote to memory of 1824	3572	chrome.exe	87
PID 3572 wrote to memory of 1824	3572	chrome.exe	87
PID 3572 wrote to memory of 1824	3572	chrome.exe	87
PID 3572 wrote to memory of 1824	3572	chrome.exe	87
PID 3572 wrote to memory of 1824	3572	chrome.exe	87
PID 3572 wrote to memory of 1824	3572	chrome.exe	87
PID 3572 wrote to memory of 1824	3572	chrome.exe	87
PID 3572 wrote to memory of 1824	3572	chrome.exe	87
PID 3572 wrote to memory of 1824	3572	chrome.exe	87
PID 3572 wrote to memory of 1824	3572	chrome.exe	87
PID 3572 wrote to memory of 1824	3572	chrome.exe	87
PID 3572 wrote to memory of 1824	3572	chrome.exe	87
PID 3572 wrote to memory of 1824	3572	chrome.exe	87
PID 3572 wrote to memory of 1824	3572	chrome.exe	87
PID 3572 wrote to memory of 1824	3572	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://youareanidiot.cc
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3572
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffa62aacc40,0x7ffa62aacc4c,0x7ffa62aacc58
  2⤵
  PID:3112
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1896,i,10843510700461927802,9771542067828886735,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1700 /prefetch:2
  2⤵
  PID:2612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1944,i,10843510700461927802,9771542067828886735,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1960 /prefetch:3
  2⤵
  PID:3240
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2228,i,10843510700461927802,9771542067828886735,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2412 /prefetch:8
  2⤵
  PID:1824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3036,i,10843510700461927802,9771542067828886735,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3068 /prefetch:1
  2⤵
  PID:2224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3040,i,10843510700461927802,9771542067828886735,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3408 /prefetch:1
  2⤵
  PID:4132
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4348,i,10843510700461927802,9771542067828886735,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4332 /prefetch:1
  2⤵
  PID:1432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4676,i,10843510700461927802,9771542067828886735,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4688 /prefetch:8
  2⤵
  PID:4304
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=4896,i,10843510700461927802,9771542067828886735,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4900 /prefetch:8
  2⤵
  PID:4228

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:4564

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:3548

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4e8 0x340
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:760

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
cf137ad729382b29b1e47bab1c151ef7

SHA1
c1bff88b8fead59f47b49b3d04edfc60d3a9f590

SHA256
497da56b03451a32726f37161b190a358fb2b0f8203c93526cbc59daf77f6088

SHA512
cd5591b4e6890b3b50bfba86065017fa0a072aea5cb70f32aebdd48f54f4edea6035fb9b11be012466fae93bdcd052efec88926fa3f6e5147d6ace88204749bb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
407b7cec6d52864e25ff666f77813849

SHA1
9c93ab7259c023f112866ef2cb0283842fdd38a4

SHA256
60ff284cab983876cc4896a3ac9dd534bbb9f88ac1586ff9b75fe4d6a125323c

SHA512
fbed8a211800fcdc066ac122388e8c17969c6c01d22fb8b46538a0959d3ad0c63417e41907326310dddb930c0deef251ac793ef54c3a1cc444905836c04c80c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000002

Filesize
202KB

MD5
9901c48297a339c554e405b4fefe7407

SHA1
5182e80bd6d4bb6bb1b7f0752849fe09e4aa330e

SHA256
9a5974509d9692162d491cf45136f072c54ddc650b201336818c76a9f257d4d2

SHA512
b68ef68c4dcc31716ce25d486617f6ef929ddbb8f7030dd4838320e2803dd6dd1c83966b3484d2986b19f3bd866484c5a432f4f6533bb3e72f5c7457a9bb9742

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
da280f6986b92876a388cc7365c1b70a

SHA1
9fec7e916f30b9e2dfd8569806ff2b69321c8db1

SHA256
3558fb8bb31b07c28cb85d114341e3abf24fb7c213b420414bec347303a75a18

SHA512
3034a50c9917f63c1de18eeb6b8398a041367a10ce65412afeecb715af617c71db9e9458d0552e3031f4e8e29ce2a919efbd86e1119143f846a7d73b493f0b61

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
6f62c258d5d6c82e788d04a4e934e5bc

SHA1
a916d42787ce486ae1e16cb9f8c321c4c8866849

SHA256
298c44b606e195ff8f2d691a409f75b7d338bfef5b6e38e619e7d986bc0d3cd8

SHA512
f42b501ea4b5c8f61cab77f80f09ebfdf6c39ded9c72aec1118ace91b7ef210b6c9b069e255b9449fee952952329be39eb90d6102ea553230be3f578d785010d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
b3007d6104f9265d873fa4e909dd8b52

SHA1
f2f3fa05f96d38562ffac3bcc72f80cc564b801a

SHA256
81f7884f7d4c817765b52b3d3f265e5a4ab32147c1f03bd2ba5f7006984dcbbe

SHA512
99bd774850499efcabe7f1e46d3be5d1b92f861274d6dbfea0a5d1b265e6f0cc8ce38e1dcdde3b672c53a6e541bfed7b54cdb1d392badff248fea7eb9ed52a13

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
8106106710ab68a0915d642ffb47c361

SHA1
868cc5ca7cc7ec924807f2a72fecd18303ea3582

SHA256
1757f4ddcb5b40d4be30b74c5e0d98429a4c9f1ba3baf11c090c9cd1afeeda28

SHA512
7c95623e0604fbadc52421f29d2ac02eec4f57bdc44197da2b156f1a870bfcb041cf40ab09f82b836f5012d6eea753c7eafc981e9d45fbc0432c1ef9991c71e0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
ea86f8c9fff7f6cfe45b24603f647085

SHA1
6282d547a8e69d98b3d2534fbd850b55b57dd17a

SHA256
28e2643ae8a828a25108c36ba215a08f46dda6733ee66a0fe00accd9135ddecb

SHA512
6ba1ac1d0c8bf98139d72c0ec65146eadc03870e5132a45c82a4a266d4bf0faefd5561f10c28f2a47d3cc2c691d59e2f8acfaac442970a732092c64368b07b6f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
4c4105d0bd6e4f5c4edf2f5aad10c0c4

SHA1
04052e1dece73b34b1cee348fef9d6adef5454dd

SHA256
d4e837783ac1c042526464247d6e6b6c4bbd184ab8328446ee264838829ebca3

SHA512
a5755eb884f2863b7cb5400ec0fa1b3a81003b58236f4e00e7e6667400c850fcb31fc9a8c6970eda96e450d22e74b710f99d76b8946026a3319782abfb030296

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
295a5bdd2a1e31d13b8d46e853ebcd51

SHA1
7d0bd9acbb87b58384c47d07a24c0da01b9185de

SHA256
001c62abe287ee360f92b7cdd84534586397c4880e157910cb50bbcbc115559e

SHA512
916a72dd3dcecc9a61554682cfded0c3681ab5494dee83b3c75b01b757f0e540c422a05ec68a05642950835ce44f8feca6a9b2e8ebffafbcd57db8ab6d3e9ce0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
d64427be4b753330ff82467b0768b229

SHA1
97041e08eaf3bb67f7708302cf9c429795507821

SHA256
ba564658e86eb078e7d4650552ea1bd254810c699076220ff12ca0bd7fbfee93

SHA512
ace6df956185dc2158a154661c40991915cbade4db24076f050dfbcca82b0b71c374428037b91038b68d1b7bf2a8763f641f356481494806d0e0e3371eb67bde

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
0f9f4595f683bda515a01b9a2bf6c780

SHA1
72ea36bf1d87979dfad86c48b00f259507978f83

SHA256
0f29eb84c6e640a4c46c45a2a0c721e9ab26d685e79badfd123cc16999cb8d7e

SHA512
dcf29b24e1ac482cf838de5d76773b8897ed98585804bdf0d5bde857355f9a65dc246008fb99cd125eef43e47fba1be965cdbc87284a89c373349587f74d7fc4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
1cc3b48e23288b985816e55cc59ce67a

SHA1
51a15c3a950945e91217f02397a3dc752d93aa4b

SHA256
7488cb3e1ce650124ea3a19491e8808729cda316dc9d61c7ee13a82e4a4150ac

SHA512
4b3746da50848264a81b929f3e82bdbcb705416689703a2837504dc7afffb4ae432d03cfb6a220630ba3733a24f0d50c983ced465ffeed8cb0f1bd570ce8181e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
413d1a30ce1c2b5dadc3a839dfb78e31

SHA1
75bc4cedbb547ae41eadf2139dd3e10ec28b1e49

SHA256
080225fd80ef8bf8975ce14bd7a5d76c5868ba52844c7c817b854c8564a31402

SHA512
1993fb6dd7f8cd27e9d91f3ea4528326e438f3aeed426f29235cdf4bc9528501993b0c95b1f000e1afc369ea9967853cce6df8a667dafd916b9d1ed776cf5776

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
56339ca3fc350f1cffbbb3749c98d985

SHA1
8020c6b1d0ea4bd96c7e080126d5c2300897a4e2

SHA256
95fc7e8e1e6cdf09f0c952263359c08ba444a879755325b1144be151ed365c80

SHA512
16d1c28ffb7094e416db5406edfb69740517db6a01a3b6959caf736b2aca1bedb3bf1dd9a6739eb216daa783905e40c7bfb6bd940107616cf2191cb460ab46b7

Download Submit