hxxp://content[.]brivity[.]com/ls/click?upn=u001[.]R7KrKJ3O7T8wVi56lNnC9bL509Wv-2Fl-2B8DHRbgZxUyG8-3Dh4rr_AF-2FijXZK-2FRzqlgYi3uRjKASZz2nbX7tRzOs6URi5BxNjGaCscR4h7P1ApsaOmoUQY8dFpXdL62OMyepUjpfBkACZINMFHLZyYez9vNRzWdEQkXyGp22CuAXfpoiTQt02VEP8Bic7NITbhSxk6vaB7XXhkvwnyZhHjApdjg5dO5TEUlRVOdgsH6ArmuY86Rl8cTWk64uQVg7tw5jLYKBpbg-3D-3D

Analysis

max time kernel
149s
max time network
146s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
01/09/2024, 21:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://content.brivity.com/ls/click?upn=u001.R7KrKJ3O7T8wVi56lNnC9bL509Wv-2Fl-2B8DHRbgZxUyG8-3Dh4rr_AF-2FijXZK-2FRzqlgYi3uRjKASZz2nbX7tRzOs6URi5BxNjGaCscR4h7P1ApsaOmoUQY8dFpXdL62OMyepUjpfBkACZINMFHLZyYez9vNRzWdEQkXyGp22CuAXfpoiTQt02VEP8Bic7NITbhSxk6vaB7XXhkvwnyZhHjApdjg5dO5TEUlRVOdgsH6ArmuY86Rl8cTWk64uQVg7tw5jLYKBpbg-3D-3D

Score

5^/10

discovery

Malware Config

Signatures

Drops file in System32 directory 2 IoCs

description	ioc	Process
File created	C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF	chrome.exe
File created	\??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133697001822491204"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
2620	chrome.exe
2620	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2620 wrote to memory of 1876	2620	chrome.exe	83
PID 2620 wrote to memory of 1876	2620	chrome.exe	83
PID 2620 wrote to memory of 4712	2620	chrome.exe	84
PID 2620 wrote to memory of 4712	2620	chrome.exe	84
PID 2620 wrote to memory of 4712	2620	chrome.exe	84
PID 2620 wrote to memory of 4712	2620	chrome.exe	84
PID 2620 wrote to memory of 4712	2620	chrome.exe	84
PID 2620 wrote to memory of 4712	2620	chrome.exe	84
PID 2620 wrote to memory of 4712	2620	chrome.exe	84
PID 2620 wrote to memory of 4712	2620	chrome.exe	84
PID 2620 wrote to memory of 4712	2620	chrome.exe	84
PID 2620 wrote to memory of 4712	2620	chrome.exe	84
PID 2620 wrote to memory of 4712	2620	chrome.exe	84
PID 2620 wrote to memory of 4712	2620	chrome.exe	84
PID 2620 wrote to memory of 4712	2620	chrome.exe	84
PID 2620 wrote to memory of 4712	2620	chrome.exe	84
PID 2620 wrote to memory of 4712	2620	chrome.exe	84
PID 2620 wrote to memory of 4712	2620	chrome.exe	84
PID 2620 wrote to memory of 4712	2620	chrome.exe	84
PID 2620 wrote to memory of 4712	2620	chrome.exe	84
PID 2620 wrote to memory of 4712	2620	chrome.exe	84
PID 2620 wrote to memory of 4712	2620	chrome.exe	84
PID 2620 wrote to memory of 4712	2620	chrome.exe	84
PID 2620 wrote to memory of 4712	2620	chrome.exe	84
PID 2620 wrote to memory of 4712	2620	chrome.exe	84
PID 2620 wrote to memory of 4712	2620	chrome.exe	84
PID 2620 wrote to memory of 4712	2620	chrome.exe	84
PID 2620 wrote to memory of 4712	2620	chrome.exe	84
PID 2620 wrote to memory of 4712	2620	chrome.exe	84
PID 2620 wrote to memory of 4712	2620	chrome.exe	84
PID 2620 wrote to memory of 4712	2620	chrome.exe	84
PID 2620 wrote to memory of 4712	2620	chrome.exe	84
PID 2620 wrote to memory of 1308	2620	chrome.exe	85
PID 2620 wrote to memory of 1308	2620	chrome.exe	85
PID 2620 wrote to memory of 344	2620	chrome.exe	86
PID 2620 wrote to memory of 344	2620	chrome.exe	86
PID 2620 wrote to memory of 344	2620	chrome.exe	86
PID 2620 wrote to memory of 344	2620	chrome.exe	86
PID 2620 wrote to memory of 344	2620	chrome.exe	86
PID 2620 wrote to memory of 344	2620	chrome.exe	86
PID 2620 wrote to memory of 344	2620	chrome.exe	86
PID 2620 wrote to memory of 344	2620	chrome.exe	86
PID 2620 wrote to memory of 344	2620	chrome.exe	86
PID 2620 wrote to memory of 344	2620	chrome.exe	86
PID 2620 wrote to memory of 344	2620	chrome.exe	86
PID 2620 wrote to memory of 344	2620	chrome.exe	86
PID 2620 wrote to memory of 344	2620	chrome.exe	86
PID 2620 wrote to memory of 344	2620	chrome.exe	86
PID 2620 wrote to memory of 344	2620	chrome.exe	86
PID 2620 wrote to memory of 344	2620	chrome.exe	86
PID 2620 wrote to memory of 344	2620	chrome.exe	86
PID 2620 wrote to memory of 344	2620	chrome.exe	86
PID 2620 wrote to memory of 344	2620	chrome.exe	86
PID 2620 wrote to memory of 344	2620	chrome.exe	86
PID 2620 wrote to memory of 344	2620	chrome.exe	86
PID 2620 wrote to memory of 344	2620	chrome.exe	86
PID 2620 wrote to memory of 344	2620	chrome.exe	86
PID 2620 wrote to memory of 344	2620	chrome.exe	86
PID 2620 wrote to memory of 344	2620	chrome.exe	86
PID 2620 wrote to memory of 344	2620	chrome.exe	86
PID 2620 wrote to memory of 344	2620	chrome.exe	86
PID 2620 wrote to memory of 344	2620	chrome.exe	86
PID 2620 wrote to memory of 344	2620	chrome.exe	86
PID 2620 wrote to memory of 344	2620	chrome.exe	86

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://content.brivity.com/ls/click?upn=u001.R7KrKJ3O7T8wVi56lNnC9bL509Wv-2Fl-2B8DHRbgZxUyG8-3Dh4rr_AF-2FijXZK-2FRzqlgYi3uRjKASZz2nbX7tRzOs6URi5BxNjGaCscR4h7P1ApsaOmoUQY8dFpXdL62OMyepUjpfBkACZINMFHLZyYez9vNRzWdEQkXyGp22CuAXfpoiTQt02VEP8Bic7NITbhSxk6vaB7XXhkvwnyZhHjApdjg5dO5TEUlRVOdgsH6ArmuY86Rl8cTWk64uQVg7tw5jLYKBpbg-3D-3D
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff85405cc40,0x7ff85405cc4c,0x7ff85405cc58
  2⤵
  PID:1876
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1972,i,10015022195748317584,5575035948476267444,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=1968 /prefetch:2
  2⤵
  PID:4712
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1808,i,10015022195748317584,5575035948476267444,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=2212 /prefetch:3
  2⤵
  PID:1308
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=1232,i,10015022195748317584,5575035948476267444,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=2436 /prefetch:8
  2⤵
  PID:344
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3044,i,10015022195748317584,5575035948476267444,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3060 /prefetch:1
  2⤵
  PID:4524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3220,i,10015022195748317584,5575035948476267444,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3200 /prefetch:1
  2⤵
  PID:5040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4480,i,10015022195748317584,5575035948476267444,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3680 /prefetch:1
  2⤵
  PID:3420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4388,i,10015022195748317584,5575035948476267444,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4756 /prefetch:8
  2⤵
  PID:3768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4444,i,10015022195748317584,5575035948476267444,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3864 /prefetch:8
  2⤵
  - Drops file in System32 directory
  - Suspicious behavior: EnumeratesProcesses
  PID:4404

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:2968

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:736

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\33501e1a-a86a-4a27-b701-a8d21cd93e81.tmp

Filesize
9KB

MD5
b7ef347ac7960dc031ffe5d830e9a64c

SHA1
c39eb51fc84413dee08864cb3789c5a247c64968

SHA256
5071295f9e32340d7a378a73098a8be415f32b03b2f87f46d319cb1b53d2a5d9

SHA512
01e74768349eaf0bc8f882c5de3765725f8adc5651b5a54a93c17f73fa5673902abcba59b95153b8a74b92cf9a2340bfc40caabf6c933d2febe74887d7887932

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\672bb060-23ee-4d7b-9e94-7430481a48e6.tmp

Filesize
9KB

MD5
e124864da425e76328d122998aa748d5

SHA1
97f3e2be9ac5b349dd3a2042f6edc70abe0a9e3f

SHA256
2c4a1c9c9e3b3d183992799c552a1e2953249df9ecfa130b35d9e5beae74bb0d

SHA512
88093db46bc22315b64a716899f93cf1989640bb34ce7711b368120e44d97071cb2ae7df446af2516d19af085b268431278fb301b1aeaf65b135afa9d054f58d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
1517a45ccb97aadf2499a05e301c5e9f

SHA1
0074f0e0d0e268e4c392db2eb77062832a4dd8df

SHA256
1be3d23bc425c3bbb61fc4188b4951f17a29fff476d9cfe8959f7403d01790d3

SHA512
6200206863b03454324673b15afdd2ffc653720c04c6980887c5a9ed70d628697ca6ee180ef7b69bbb0f2f19d80dee0814839dde8135584d8fae9c2955c100c8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
e270d8b887abe8565e7705497ee6818f

SHA1
fd3db18fbca85b9514f2712fee017735feddfe88

SHA256
2c08ec246ae2ea6be946550ba1eda9ab956a60c7689479206a42d0a24276556d

SHA512
1fac98b40f22321c80949fa8e276f0ecd661f8545b7f9dad00a4029da6fc673b3e9c74b03dadb5e792f506fa7bdcef3918b63f918634654d2cb4eecac02140be

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
f9cd135382a41a86d69bbf53806048fb

SHA1
ab80b9515b8e65047f49b3bd8387e7fef6662147

SHA256
b099f367691eb7f13f9a4816207d47c946cdab01690047da42b3ac16e9203fb7

SHA512
8373cf3ac462a2fcae076520793037ecb093fa7a301fdce7bc3953201a557862e09b62b5cfed068da1d39c00ccaf7649ad38ee640b1db74a6cc7c365930b151c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
7ed5269fbccfea0e95d9d1f42685cdac

SHA1
a4302c73f677975271f247db6e97a26b09f0ae3b

SHA256
c0c4aef3544ba320873d79afb467f882ed282c311bd707acd67d007439f078ce

SHA512
861b0bcd5b6a48f8685f310d4b80d31a8ed3993adb813c1f326a6914e4939652c012cbc831c9de1c0aba9e3a369c6e585dc50081bc262ae56771e1440e2706ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
3490883273111e9cee98cc7c2ac9d03d

SHA1
5ed1df4f4f6b905a45c4dc3a11fbc36a9c414dd0

SHA256
0726384c39603d327187109e69cc7e7b1f5202a5f719dde9b50d1b3c1901906b

SHA512
762603295cb6ccfd4f5375c816802ef8df4e35c80bfedb50e16f6a444cafcd27619d993e11929d4025d0918d815e73cee60a1e2a42f7821b217433c1208a8126

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
12132275f0e7d9aacae8834bd1836792

SHA1
b7510894bb87b8013f168ac7daf76e1c147e5318

SHA256
af9e4a13fab56c8ee19843cfc767ef3ad510315731b9a76de13259cfff8e3467

SHA512
72e7adca076b1b737d436f9727cc37d7a0d6883934aca8e9782d9266fe2a4942fb240d9152fb92b3a2783c8a0c20af7f6167e8daba0bdd6869bd4bb783b12edb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
7ffe21f93277ffd0fc47ad32cd00b001

SHA1
178e2fb90e86802fab37ba73af23049d17119ca6

SHA256
be07b079d9e4842e70b9ba4e43708b4ae7a751544212893b9cc2b23dbe2fe04f

SHA512
335cdd3b1d8e404020260ef5dbff77dfc7b3c5539c9926466f5d83d2470207b31aa5f27a6d8ac4cc2e55fbdd7d2609a7850cf4e075d941a8a807674813338833

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
22e41f84b7694143011c7aeefe4cf065

SHA1
81843a710a8763f7a502a2e3ba26c2c6ec5fa07d

SHA256
617cd8eea3292eac3c760aa6b74a1393c77c9f9c772b2a6d75eac71ef05f7ce2

SHA512
20ad9afd072c0d1c6d12c222a13f0dd40edeceb82b12a9672e722d9a8b81e43d7bdfa1c498c348bb28708015aee4af8c7ec98503df489c19b8c4e17226b995cd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
c16ed7f531ed9bfbdfd7b669d0a5fa27

SHA1
9a96f596d09a144827fee8630030e0e5745b12cf

SHA256
891c61460b8e913d49facbdc19dfd7b2f460afb9075cc79c7810cf10687be94b

SHA512
52ba004fbd060926fe8c697e0d639cb861d439a00836aa26d10def381fb7b52e7220797c785dfad50849a7afac47a63ca6f080a5f05d0e880bda023e14b8dce1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
9f2dbfa540b9b57c8b5f4a5f2d2000a9

SHA1
0609f126a1cbd22d4cc779a871a2271c381ac594

SHA256
0f8509ec3136fa51a910c0ea4ca3fca68c57e08d41ac67a36f33b51cdb984bcd

SHA512
ceb109529e4f609d300b0efb8f04b07601fbbb95949687c3eda60b2ee6c3c115dd55a1ff92b93b3eaa2be265e3ffaa08a0fd224b2dc5c61e06803914a46ff6da

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
c9214d508660575e3aca9f216cd24f25

SHA1
9db9ed9e84416c0b4517f61239bca38178b4128a

SHA256
df339c6e8d36efead730adaf10e27734179715902c79401ff4684c5b1cef372b

SHA512
8fd2e03c39af1b4d589f83f3d8926043b7539572fe4d0223a1344b30afda95f15512d69042a98a877fe3a6c6eb285dc24a825c71d6a7477c597522d1cc7ec9bb

Download Submit