hxxp://infoprecompilata[.]agenziaentrate[.]gov[.]it[.]com

Analysis

max time kernel
150s
max time network
148s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
03/09/2024, 12:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://infoprecompilata.agenziaentrate.gov.it.com

Score

5^/10

discovery

Malware Config

Signatures

Drops file in System32 directory 2 IoCs

description	ioc	Process
File created	C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF	chrome.exe
File created	\??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133698414345223411"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
3060	chrome.exe
3060	chrome.exe
6000	chrome.exe
6000	chrome.exe
6000	chrome.exe
6000	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3060	chrome.exe
Token: SeCreatePagefilePrivilege	3060	chrome.exe
Token: SeShutdownPrivilege	3060	chrome.exe
Token: SeCreatePagefilePrivilege	3060	chrome.exe
Token: SeShutdownPrivilege	3060	chrome.exe
Token: SeCreatePagefilePrivilege	3060	chrome.exe
Token: SeShutdownPrivilege	3060	chrome.exe
Token: SeCreatePagefilePrivilege	3060	chrome.exe
Token: SeShutdownPrivilege	3060	chrome.exe
Token: SeCreatePagefilePrivilege	3060	chrome.exe
Token: SeShutdownPrivilege	3060	chrome.exe
Token: SeCreatePagefilePrivilege	3060	chrome.exe
Token: SeShutdownPrivilege	3060	chrome.exe
Token: SeCreatePagefilePrivilege	3060	chrome.exe
Token: SeShutdownPrivilege	3060	chrome.exe
Token: SeCreatePagefilePrivilege	3060	chrome.exe
Token: SeShutdownPrivilege	3060	chrome.exe
Token: SeCreatePagefilePrivilege	3060	chrome.exe
Token: SeShutdownPrivilege	3060	chrome.exe
Token: SeCreatePagefilePrivilege	3060	chrome.exe
Token: SeShutdownPrivilege	3060	chrome.exe
Token: SeCreatePagefilePrivilege	3060	chrome.exe
Token: SeShutdownPrivilege	3060	chrome.exe
Token: SeCreatePagefilePrivilege	3060	chrome.exe
Token: SeShutdownPrivilege	3060	chrome.exe
Token: SeCreatePagefilePrivilege	3060	chrome.exe
Token: SeShutdownPrivilege	3060	chrome.exe
Token: SeCreatePagefilePrivilege	3060	chrome.exe
Token: SeShutdownPrivilege	3060	chrome.exe
Token: SeCreatePagefilePrivilege	3060	chrome.exe
Token: SeShutdownPrivilege	3060	chrome.exe
Token: SeCreatePagefilePrivilege	3060	chrome.exe
Token: SeShutdownPrivilege	3060	chrome.exe
Token: SeCreatePagefilePrivilege	3060	chrome.exe
Token: SeShutdownPrivilege	3060	chrome.exe
Token: SeCreatePagefilePrivilege	3060	chrome.exe
Token: SeShutdownPrivilege	3060	chrome.exe
Token: SeCreatePagefilePrivilege	3060	chrome.exe
Token: SeShutdownPrivilege	3060	chrome.exe
Token: SeCreatePagefilePrivilege	3060	chrome.exe
Token: SeShutdownPrivilege	3060	chrome.exe
Token: SeCreatePagefilePrivilege	3060	chrome.exe
Token: SeShutdownPrivilege	3060	chrome.exe
Token: SeCreatePagefilePrivilege	3060	chrome.exe
Token: SeShutdownPrivilege	3060	chrome.exe
Token: SeCreatePagefilePrivilege	3060	chrome.exe
Token: SeShutdownPrivilege	3060	chrome.exe
Token: SeCreatePagefilePrivilege	3060	chrome.exe
Token: SeShutdownPrivilege	3060	chrome.exe
Token: SeCreatePagefilePrivilege	3060	chrome.exe
Token: SeShutdownPrivilege	3060	chrome.exe
Token: SeCreatePagefilePrivilege	3060	chrome.exe
Token: SeShutdownPrivilege	3060	chrome.exe
Token: SeCreatePagefilePrivilege	3060	chrome.exe
Token: SeShutdownPrivilege	3060	chrome.exe
Token: SeCreatePagefilePrivilege	3060	chrome.exe
Token: SeShutdownPrivilege	3060	chrome.exe
Token: SeCreatePagefilePrivilege	3060	chrome.exe
Token: SeShutdownPrivilege	3060	chrome.exe
Token: SeCreatePagefilePrivilege	3060	chrome.exe
Token: SeShutdownPrivilege	3060	chrome.exe
Token: SeCreatePagefilePrivilege	3060	chrome.exe
Token: SeShutdownPrivilege	3060	chrome.exe
Token: SeCreatePagefilePrivilege	3060	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe
3060	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3060 wrote to memory of 5028	3060	chrome.exe	90
PID 3060 wrote to memory of 5028	3060	chrome.exe	90
PID 3060 wrote to memory of 1504	3060	chrome.exe	91
PID 3060 wrote to memory of 1504	3060	chrome.exe	91
PID 3060 wrote to memory of 1504	3060	chrome.exe	91
PID 3060 wrote to memory of 1504	3060	chrome.exe	91
PID 3060 wrote to memory of 1504	3060	chrome.exe	91
PID 3060 wrote to memory of 1504	3060	chrome.exe	91
PID 3060 wrote to memory of 1504	3060	chrome.exe	91
PID 3060 wrote to memory of 1504	3060	chrome.exe	91
PID 3060 wrote to memory of 1504	3060	chrome.exe	91
PID 3060 wrote to memory of 1504	3060	chrome.exe	91
PID 3060 wrote to memory of 1504	3060	chrome.exe	91
PID 3060 wrote to memory of 1504	3060	chrome.exe	91
PID 3060 wrote to memory of 1504	3060	chrome.exe	91
PID 3060 wrote to memory of 1504	3060	chrome.exe	91
PID 3060 wrote to memory of 1504	3060	chrome.exe	91
PID 3060 wrote to memory of 1504	3060	chrome.exe	91
PID 3060 wrote to memory of 1504	3060	chrome.exe	91
PID 3060 wrote to memory of 1504	3060	chrome.exe	91
PID 3060 wrote to memory of 1504	3060	chrome.exe	91
PID 3060 wrote to memory of 1504	3060	chrome.exe	91
PID 3060 wrote to memory of 1504	3060	chrome.exe	91
PID 3060 wrote to memory of 1504	3060	chrome.exe	91
PID 3060 wrote to memory of 1504	3060	chrome.exe	91
PID 3060 wrote to memory of 1504	3060	chrome.exe	91
PID 3060 wrote to memory of 1504	3060	chrome.exe	91
PID 3060 wrote to memory of 1504	3060	chrome.exe	91
PID 3060 wrote to memory of 1504	3060	chrome.exe	91
PID 3060 wrote to memory of 1504	3060	chrome.exe	91
PID 3060 wrote to memory of 1504	3060	chrome.exe	91
PID 3060 wrote to memory of 1504	3060	chrome.exe	91
PID 3060 wrote to memory of 5016	3060	chrome.exe	92
PID 3060 wrote to memory of 5016	3060	chrome.exe	92
PID 3060 wrote to memory of 4332	3060	chrome.exe	93
PID 3060 wrote to memory of 4332	3060	chrome.exe	93
PID 3060 wrote to memory of 4332	3060	chrome.exe	93
PID 3060 wrote to memory of 4332	3060	chrome.exe	93
PID 3060 wrote to memory of 4332	3060	chrome.exe	93
PID 3060 wrote to memory of 4332	3060	chrome.exe	93
PID 3060 wrote to memory of 4332	3060	chrome.exe	93
PID 3060 wrote to memory of 4332	3060	chrome.exe	93
PID 3060 wrote to memory of 4332	3060	chrome.exe	93
PID 3060 wrote to memory of 4332	3060	chrome.exe	93
PID 3060 wrote to memory of 4332	3060	chrome.exe	93
PID 3060 wrote to memory of 4332	3060	chrome.exe	93
PID 3060 wrote to memory of 4332	3060	chrome.exe	93
PID 3060 wrote to memory of 4332	3060	chrome.exe	93
PID 3060 wrote to memory of 4332	3060	chrome.exe	93
PID 3060 wrote to memory of 4332	3060	chrome.exe	93
PID 3060 wrote to memory of 4332	3060	chrome.exe	93
PID 3060 wrote to memory of 4332	3060	chrome.exe	93
PID 3060 wrote to memory of 4332	3060	chrome.exe	93
PID 3060 wrote to memory of 4332	3060	chrome.exe	93
PID 3060 wrote to memory of 4332	3060	chrome.exe	93
PID 3060 wrote to memory of 4332	3060	chrome.exe	93
PID 3060 wrote to memory of 4332	3060	chrome.exe	93
PID 3060 wrote to memory of 4332	3060	chrome.exe	93
PID 3060 wrote to memory of 4332	3060	chrome.exe	93
PID 3060 wrote to memory of 4332	3060	chrome.exe	93
PID 3060 wrote to memory of 4332	3060	chrome.exe	93
PID 3060 wrote to memory of 4332	3060	chrome.exe	93
PID 3060 wrote to memory of 4332	3060	chrome.exe	93
PID 3060 wrote to memory of 4332	3060	chrome.exe	93

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://infoprecompilata.agenziaentrate.gov.it.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffc0425cc40,0x7ffc0425cc4c,0x7ffc0425cc58
  2⤵
  PID:5028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1900,i,6582095684360058187,7944049389171872622,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1872 /prefetch:2
  2⤵
  PID:1504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2052,i,6582095684360058187,7944049389171872622,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2100 /prefetch:3
  2⤵
  PID:5016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2276,i,6582095684360058187,7944049389171872622,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2244 /prefetch:8
  2⤵
  PID:4332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3012,i,6582095684360058187,7944049389171872622,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3048 /prefetch:1
  2⤵
  PID:3448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3016,i,6582095684360058187,7944049389171872622,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3212 /prefetch:1
  2⤵
  PID:3064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4420,i,6582095684360058187,7944049389171872622,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3648 /prefetch:1
  2⤵
  PID:3220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=3388,i,6582095684360058187,7944049389171872622,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4584 /prefetch:1
  2⤵
  PID:684
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=3396,i,6582095684360058187,7944049389171872622,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4628 /prefetch:1
  2⤵
  PID:5072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5036,i,6582095684360058187,7944049389171872622,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4904 /prefetch:8
  2⤵
  PID:4548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=4884,i,6582095684360058187,7944049389171872622,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4640 /prefetch:1
  2⤵
  PID:396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=3316,i,6582095684360058187,7944049389171872622,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3240 /prefetch:1
  2⤵
  PID:3128
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=208,i,6582095684360058187,7944049389171872622,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=724 /prefetch:8
  2⤵
  - Drops file in System32 directory
  - Suspicious behavior: EnumeratesProcesses
  PID:6000

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:4864

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:1244

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=2540,i,7447299413640964517,4240724842020506306,262144 --variations-seed-version --mojo-platform-channel-handle=4356 /prefetch:8
1⤵
PID:2704

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
2992ae6eae68a96841989ef408baab84

SHA1
d3668fc7db8a3635ff594bd738932c34723c4cf1

SHA256
d43609e1a2eb115b4e11ba06c1f2370d03925d0a3c64595d942c4f3f501a7bc5

SHA512
5740078d5869a78b4786755b189ace5d552a3d77cc55967f04521b303d143dc463c69ed98622e926c7ae8eb72b7d0f354e3fc0f2ed780019bcccf013ecfcec38

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
576B

MD5
f2e595cee1647dce1621917023ba8a7e

SHA1
1f427a5d12bfe604d23319859b16bbc443c41bfb

SHA256
aaab7033b6eff7968afb3e107e5f1e41bbd5d856ae4661e8f125526666f53000

SHA512
deb3fea9c4ea47d1ea7c51a418ca3461fda84eae49a846eb8831fd7cec0acf425ca7b52712f4bc46fc3a93634e3914b6d3dbf300dd6e27e47496b0e6cc1b7451

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
6da95b0107b920b0ca2994ba4192ac41

SHA1
f0e821a9411338e57c7149df0f1c8842f2885fd1

SHA256
0bc3237f1520cef3eac40899ac149069e75afd2744da8a8d652ebc5c8b63d0bd

SHA512
9597de93cd2d8ded8d855a366f0bc91faafa45bcd60dc6e5bc3df381217bdd296d98b8ddb216b95447fd27535e4fcd7be4466f498bab0d969799fe1deaafcb04

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
8f3cab91f62cafd19ee8ced897e53291

SHA1
ea7d2ebb8cf63a6dd316bb1b1b48c9bcd6a7c769

SHA256
d0015167a81574492ad394f0e7a4b22c906bc378cbf4d0c4c83434c561f37c66

SHA512
f7c44884436f449000aaa051be18117a78c706fb32bad167b4f93754c64237909dc863f4605f4521eb974d5336ff5c8b4790999c191c8026edb3c83ddc6235f9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
3695ee006311effec1f9185ac3b41047

SHA1
358c4eace96561dd831443797434a36d3ef78b59

SHA256
7c3ee1e22716f5f0186e8f9694b5fb7754b55f033ba273fe2b546119399e912f

SHA512
f19b2ca21d486c8761e709ee30cdf9288c4517824961a15a45d494e8e4207a582bad3af65057cc8b29288d236a587ab8ced76ed9d10abe8dbe740f469d9f3c91

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
49a3d2fec146c13cac2d91598efabd4b

SHA1
bfc7a6ccc173d06d6dfa38a7da13a64035ea743c

SHA256
abde1998a202f5a9ee45d656ba07af14b39d9fdca3ff0d7fef837de84332bc5f

SHA512
0a88b7a1de4c0cb657cf908540a2a86b818b33c195cd36bf0158e87cf2f32eba0dea10f1217c2926d25da7e67b15253ea4556451050c49ae8f8fab00c193b5ef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
b1d3bfe8b65cdad3a3eb750a9303860c

SHA1
edb7111cf8c1bc3831ded96cf3d034c77f81b0dc

SHA256
ba4d5e4db45b123dd9ef852da725511af74d7fa9bbd35f761956b303a9005abe

SHA512
286d05049f5efcbf55deb112a7546a18ed8d63f638daa206a25166dc26f5660d40a4e28c3ec570cf09e3cd243677856b0a8e76901f615305516ac6438f2232c0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
63a55bf19428c9da4b34838071e79aee

SHA1
16cff7d4d0d5aff924ff2c4fbf33584feb329268

SHA256
27a1a4cb63477f2869b8932eeb39a3e39ef0df364375781e9a57bab30f662468

SHA512
80a43d40a63d792b81021fe947ddb87d390e8408a41fea0cbb6619d128de91f1a84696a519d060575c6f9cce8baa57035c304428243612eaed8ffd5e3cddd4b5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
90a0008ec1cc1ed237936fa38fdd99c9

SHA1
1b7a41b80730baf5f6ad7a417b93f06827627594

SHA256
50347c509d52c90712c8b30a8f782486dea372f6e909fd0c3756522cae7bb4bc

SHA512
cf81a85ec1bd43a3eec149c8247141d6d1dec8f066ef696cfde3edb6053cd7e91d75aa5ec5ce21a3ab3efbb9fafc340a4e70d7051f883567623a089733c79388

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
127dca7d03601c241d13799f4daeefd0

SHA1
770d8484c16720106317fc8ed9c68968865325ac

SHA256
7ce4b47c53e5f427fd89e115b1d9a10fecc6f6b8bb2fc17a039174bbc79ec18f

SHA512
06626007d919fc1722b7184dd9e442e28be06f24e6a5f597817df49208127b22264ce780ebc83a720765c91dd05fe172d697478431c82047c4e2726e8c694b57

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
cedad78c334dca19497ba5ea0b249b08

SHA1
7d4980951e68bee707e30acf842858624ecc071f

SHA256
dea43c8f83ba30d52943c9aed758c46d35d04e93a80406fa71ba4120313fcd69

SHA512
774c26823b542b5cf46de0e0e873215fa2e1c14ec770921c9f3efc7b80ec99db3ccda343a2932804a64b398e10be13febc56260865ec69c5bb8ead8ec81a72ce

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
9ef78b99c00992bc921c9725d73a9a34

SHA1
afe5f133d319f927c81c7dd6737ad5979f2fe373

SHA256
75b5b609c5b2ded711f78321de076bcf8d3aa2b0b8032dc0f28f922af8cdde7f

SHA512
0260081380bd77f52a407b66d7320566ee0d42e43d7930ef1ca67e2a1a26d6289eb3cf1a6980f9ca0938faa40ce772516b77146c65ff52214c0a631cc78c3a2e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
1aa038d9273e2411fa461fced7cb8805

SHA1
70aa5be7c878477d1a3d894adafc744a13ba6ef3

SHA256
3a0c008f2175b70e30126c030a2b0e799453b933948841ece098c133caf4cde4

SHA512
986c2361c0d1a9067469a2bdd4c7170c8e40e14ed0226796e2376898b899fe678420f37381f9561e97de3a2fc1d27a742c8d7e05a6b0e69f89da7ce7db36f285

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
fe8040e5efc138a3a7f2e00760488e24

SHA1
c09dedda2adfead8019905ae939876ee5908a811

SHA256
9fc7436f12b4ad132f5761b9f389d738e46f80b7a21693578f468eab2273a50c

SHA512
96fc6bfc1267fd35733b9d0d97dbba578f45634f123f421fc2ae8e10788a0970819510df9cf92feca60324f38627d3c1caeecff33b42546ceee42d8db50f492f

Download Submit