hxxp://v-tax[.]be

Analysis

max time kernel
149s
max time network
139s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
12-09-2024 01:05

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://v-tax.be

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133705767405294274"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
3884	chrome.exe
3884	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3884	chrome.exe
Token: SeCreatePagefilePrivilege	3884	chrome.exe
Token: SeShutdownPrivilege	3884	chrome.exe
Token: SeCreatePagefilePrivilege	3884	chrome.exe
Token: SeShutdownPrivilege	3884	chrome.exe
Token: SeCreatePagefilePrivilege	3884	chrome.exe
Token: SeShutdownPrivilege	3884	chrome.exe
Token: SeCreatePagefilePrivilege	3884	chrome.exe
Token: SeShutdownPrivilege	3884	chrome.exe
Token: SeCreatePagefilePrivilege	3884	chrome.exe
Token: SeShutdownPrivilege	3884	chrome.exe
Token: SeCreatePagefilePrivilege	3884	chrome.exe
Token: SeShutdownPrivilege	3884	chrome.exe
Token: SeCreatePagefilePrivilege	3884	chrome.exe
Token: SeShutdownPrivilege	3884	chrome.exe
Token: SeCreatePagefilePrivilege	3884	chrome.exe
Token: SeShutdownPrivilege	3884	chrome.exe
Token: SeCreatePagefilePrivilege	3884	chrome.exe
Token: SeShutdownPrivilege	3884	chrome.exe
Token: SeCreatePagefilePrivilege	3884	chrome.exe
Token: SeShutdownPrivilege	3884	chrome.exe
Token: SeCreatePagefilePrivilege	3884	chrome.exe
Token: SeShutdownPrivilege	3884	chrome.exe
Token: SeCreatePagefilePrivilege	3884	chrome.exe
Token: SeShutdownPrivilege	3884	chrome.exe
Token: SeCreatePagefilePrivilege	3884	chrome.exe
Token: SeShutdownPrivilege	3884	chrome.exe
Token: SeCreatePagefilePrivilege	3884	chrome.exe
Token: SeShutdownPrivilege	3884	chrome.exe
Token: SeCreatePagefilePrivilege	3884	chrome.exe
Token: SeShutdownPrivilege	3884	chrome.exe
Token: SeCreatePagefilePrivilege	3884	chrome.exe
Token: SeShutdownPrivilege	3884	chrome.exe
Token: SeCreatePagefilePrivilege	3884	chrome.exe
Token: SeShutdownPrivilege	3884	chrome.exe
Token: SeCreatePagefilePrivilege	3884	chrome.exe
Token: SeShutdownPrivilege	3884	chrome.exe
Token: SeCreatePagefilePrivilege	3884	chrome.exe
Token: SeShutdownPrivilege	3884	chrome.exe
Token: SeCreatePagefilePrivilege	3884	chrome.exe
Token: SeShutdownPrivilege	3884	chrome.exe
Token: SeCreatePagefilePrivilege	3884	chrome.exe
Token: SeShutdownPrivilege	3884	chrome.exe
Token: SeCreatePagefilePrivilege	3884	chrome.exe
Token: SeShutdownPrivilege	3884	chrome.exe
Token: SeCreatePagefilePrivilege	3884	chrome.exe
Token: SeShutdownPrivilege	3884	chrome.exe
Token: SeCreatePagefilePrivilege	3884	chrome.exe
Token: SeShutdownPrivilege	3884	chrome.exe
Token: SeCreatePagefilePrivilege	3884	chrome.exe
Token: SeShutdownPrivilege	3884	chrome.exe
Token: SeCreatePagefilePrivilege	3884	chrome.exe
Token: SeShutdownPrivilege	3884	chrome.exe
Token: SeCreatePagefilePrivilege	3884	chrome.exe
Token: SeShutdownPrivilege	3884	chrome.exe
Token: SeCreatePagefilePrivilege	3884	chrome.exe
Token: SeShutdownPrivilege	3884	chrome.exe
Token: SeCreatePagefilePrivilege	3884	chrome.exe
Token: SeShutdownPrivilege	3884	chrome.exe
Token: SeCreatePagefilePrivilege	3884	chrome.exe
Token: SeShutdownPrivilege	3884	chrome.exe
Token: SeCreatePagefilePrivilege	3884	chrome.exe
Token: SeShutdownPrivilege	3884	chrome.exe
Token: SeCreatePagefilePrivilege	3884	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe
3884	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3884 wrote to memory of 1788	3884	chrome.exe	85
PID 3884 wrote to memory of 1788	3884	chrome.exe	85
PID 3884 wrote to memory of 4804	3884	chrome.exe	86
PID 3884 wrote to memory of 4804	3884	chrome.exe	86
PID 3884 wrote to memory of 4804	3884	chrome.exe	86
PID 3884 wrote to memory of 4804	3884	chrome.exe	86
PID 3884 wrote to memory of 4804	3884	chrome.exe	86
PID 3884 wrote to memory of 4804	3884	chrome.exe	86
PID 3884 wrote to memory of 4804	3884	chrome.exe	86
PID 3884 wrote to memory of 4804	3884	chrome.exe	86
PID 3884 wrote to memory of 4804	3884	chrome.exe	86
PID 3884 wrote to memory of 4804	3884	chrome.exe	86
PID 3884 wrote to memory of 4804	3884	chrome.exe	86
PID 3884 wrote to memory of 4804	3884	chrome.exe	86
PID 3884 wrote to memory of 4804	3884	chrome.exe	86
PID 3884 wrote to memory of 4804	3884	chrome.exe	86
PID 3884 wrote to memory of 4804	3884	chrome.exe	86
PID 3884 wrote to memory of 4804	3884	chrome.exe	86
PID 3884 wrote to memory of 4804	3884	chrome.exe	86
PID 3884 wrote to memory of 4804	3884	chrome.exe	86
PID 3884 wrote to memory of 4804	3884	chrome.exe	86
PID 3884 wrote to memory of 4804	3884	chrome.exe	86
PID 3884 wrote to memory of 4804	3884	chrome.exe	86
PID 3884 wrote to memory of 4804	3884	chrome.exe	86
PID 3884 wrote to memory of 4804	3884	chrome.exe	86
PID 3884 wrote to memory of 4804	3884	chrome.exe	86
PID 3884 wrote to memory of 4804	3884	chrome.exe	86
PID 3884 wrote to memory of 4804	3884	chrome.exe	86
PID 3884 wrote to memory of 4804	3884	chrome.exe	86
PID 3884 wrote to memory of 4804	3884	chrome.exe	86
PID 3884 wrote to memory of 4804	3884	chrome.exe	86
PID 3884 wrote to memory of 4804	3884	chrome.exe	86
PID 3884 wrote to memory of 3988	3884	chrome.exe	87
PID 3884 wrote to memory of 3988	3884	chrome.exe	87
PID 3884 wrote to memory of 4724	3884	chrome.exe	88
PID 3884 wrote to memory of 4724	3884	chrome.exe	88
PID 3884 wrote to memory of 4724	3884	chrome.exe	88
PID 3884 wrote to memory of 4724	3884	chrome.exe	88
PID 3884 wrote to memory of 4724	3884	chrome.exe	88
PID 3884 wrote to memory of 4724	3884	chrome.exe	88
PID 3884 wrote to memory of 4724	3884	chrome.exe	88
PID 3884 wrote to memory of 4724	3884	chrome.exe	88
PID 3884 wrote to memory of 4724	3884	chrome.exe	88
PID 3884 wrote to memory of 4724	3884	chrome.exe	88
PID 3884 wrote to memory of 4724	3884	chrome.exe	88
PID 3884 wrote to memory of 4724	3884	chrome.exe	88
PID 3884 wrote to memory of 4724	3884	chrome.exe	88
PID 3884 wrote to memory of 4724	3884	chrome.exe	88
PID 3884 wrote to memory of 4724	3884	chrome.exe	88
PID 3884 wrote to memory of 4724	3884	chrome.exe	88
PID 3884 wrote to memory of 4724	3884	chrome.exe	88
PID 3884 wrote to memory of 4724	3884	chrome.exe	88
PID 3884 wrote to memory of 4724	3884	chrome.exe	88
PID 3884 wrote to memory of 4724	3884	chrome.exe	88
PID 3884 wrote to memory of 4724	3884	chrome.exe	88
PID 3884 wrote to memory of 4724	3884	chrome.exe	88
PID 3884 wrote to memory of 4724	3884	chrome.exe	88
PID 3884 wrote to memory of 4724	3884	chrome.exe	88
PID 3884 wrote to memory of 4724	3884	chrome.exe	88
PID 3884 wrote to memory of 4724	3884	chrome.exe	88
PID 3884 wrote to memory of 4724	3884	chrome.exe	88
PID 3884 wrote to memory of 4724	3884	chrome.exe	88
PID 3884 wrote to memory of 4724	3884	chrome.exe	88
PID 3884 wrote to memory of 4724	3884	chrome.exe	88

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://v-tax.be
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff9cc52cc40,0x7ff9cc52cc4c,0x7ff9cc52cc58
  2⤵
  PID:1788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1560,i,1228708769003068060,14958328787957901232,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=296 /prefetch:2
  2⤵
  PID:4804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2080,i,1228708769003068060,14958328787957901232,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2168 /prefetch:3
  2⤵
  PID:3988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2264,i,1228708769003068060,14958328787957901232,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2284 /prefetch:8
  2⤵
  PID:4724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3036,i,1228708769003068060,14958328787957901232,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3060 /prefetch:1
  2⤵
  PID:4856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3040,i,1228708769003068060,14958328787957901232,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3316 /prefetch:1
  2⤵
  PID:4004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4488,i,1228708769003068060,14958328787957901232,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3660 /prefetch:1
  2⤵
  PID:3236
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4640,i,1228708769003068060,14958328787957901232,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3488 /prefetch:8
  2⤵
  PID:1636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4036,i,1228708769003068060,14958328787957901232,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4780 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:840

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:1720

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:1116

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
d17c6b0523d52719351060f0fde5f8a6

SHA1
dd4fc20eebeefe9ede4730602b2f1e3c1aac744c

SHA256
aee38728edc0542f88a15f003caa668b34986493987d8e9da7fd12cf4cf2c599

SHA512
61ac6ab8bf3f1cab52d0bb9517143f2a6e0143a9b395cf23b1a01d8cdcac214221fa80edda04e020509d599394bb9e6a2cfba52873aeec1cbf0ed6e1a86d5fe2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
7e08610ec192604fd832c3e0808542ec

SHA1
9e5d8560430db57a7fe0056a83a75454cbdfb753

SHA256
ef31833cc76d759e33c92648b404c4a2322d83ff476a80ab00f496171d76ee80

SHA512
0a9068f5555bf8e99dac447d39a9b3622e3e7a3e6af66642c6c5612b6d4a2fbf4e23b820605235c8cb05ee42de9bcdc964464df54f8eb97943f7208ca04f2224

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
ccb19b8d022ca4f9ede341f7a9f19801

SHA1
896490be60c2e62cd442f884800f312fde1381a5

SHA256
f234088d69bc828f7ef28647f16ab895dc1706d98fd5153e4ecfec14e3278d6b

SHA512
806d2e91ad0dd704ed64ff372d9644e6d28ce7790b8c7f40982f2863d17d978e06591a0c5f2de1208b738187be94eff05c9ed8174431b921a359c92a18b4b1f0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
a5afabf00678a5e31fbe83a33ec6ffd5

SHA1
d2fcfd228d7ab6567a3b06b7b93c09e233389907

SHA256
8ebd985c3f7ae4de42c46d050f310ffe3d1afb97c8405ae0938982a9624c1c9d

SHA512
bef321a397a51912b3cb65f402f25fdb9aebdc4268eb45fea383c1fc7d158ec17b27d96faaa40dbac9bbd209c15503039986395c8a0ab448b98b9aea27b05dbb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
0dcf1e03e586e97612aa0189bd42f519

SHA1
44e7b35160f01ca9487e3fb52205729873f72118

SHA256
b9365df2cc922715ed7f0b720dd55c948c5b459b87dcca635faede4f697b9997

SHA512
f8126d1a45f84cbd1f8eab941a0e41bae20db0fadac559f0d706a0adc1144a429bc06d0b830e9f29329b2b43d3d86005f9685dc60931e72fa4e9316efbd193b9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
8e554b18a770c0232aa94f6e801cc0b2

SHA1
aea7808c45f407f7d92aded517619e06c894153c

SHA256
9de21b646518a303d44e7c2a48f3b68181c50c9743bbf4ca53182fe7f1ad597b

SHA512
345619a3aa4f042e8d00b83d0d9b24d92c2af4ee2cacaf6f54620cd8ee73cdbada34719c0d2077215b3ac1ff7712e9f48e47da77f260695fcb15c1ec6f120c38

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
d4247619de42d3e6cca636e3430f85a5

SHA1
216f5efee49ed4e6e62a41e02e53d3a320f3b454

SHA256
9bc148adfb1f6357892aa982369f1f9ac9dfe8d9e92fd77a5a49a6c71d63a218

SHA512
9acbd970268d8f93f288efc70bdb31fc2b5b7d49c619f71ec3d00ca1381e99c323c15f551c62f6c97b3d9929621534d6fc7a56b3f3f2df1dfb837ff691716071

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
20a2dcaa0c41a489da09e640aea3126e

SHA1
5e913095f7c4b203411e8616fd37ac9f26b79d37

SHA256
3cd020bd7216614496ea8ff52e301bcf4d471f9e536f819cd20540ec5a0bfae5

SHA512
cd316c33b9c6c519414c0b1c130c7f91dfaacb58b62cca110a430384734fd1c7e687b52ab6fcbafe5c589cde50ce6e6576f4abe573ebe6f69e47aab3350e68d3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
d56d3bab7677a2f1c04c58769bfaeed7

SHA1
69bb054ed233d5e235f43d84c810235f02622be9

SHA256
263dd5c5436e4e66fb6a69f4f04d9bb302541e1057bfe20ae2c70a1680027dda

SHA512
fe4ead204e8a522e829bb49667428feeb71666d788380ad76859099f3fe6ff2181041733d6efd79392d8e6d85382180f236c1c002eaadc116f8425c0a1595c32

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
f29d6bb8fa89090530bccc3b48424d99

SHA1
1869d0b60deb07809c8f50b9f67f808315be554d

SHA256
59b86d6e795ebb6eedc73cf3d73593d5fe732cb947f7695df626d87dfec80c61

SHA512
2fb1ddaba9acd19a8af5cb632299b6ac16bb82c5feaafe308540bfc5cc2e0886c58138695e9c540e1bd51abecf2f64c0b071d314960923168f978b78d2b9ab5b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
860eb5f0e58f435292824518de100b8d

SHA1
54bfa4fb2aa5ced712c2bed9acb7e7e45437371d

SHA256
99bfd273314b95b4e8558530b692392723acecb326dbe6fee3f043d2b64e6727

SHA512
bb92cbd3ec63fd28e8eac9cc17e477bc92a61f9f70b301e50281f4b79685cc8c078fc0985827ffd45c148349c5cea849a580997ba54ec904abcb50db63482dd9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
3def2ac465dd436e6bf987dc5443fc3f

SHA1
6a28514631531c9c9b919aea7c285b1b25ebeb4a

SHA256
1a20e8a0213a8c3a3df9ea7d839d92c6fa2b1d8789aaf85812e973a125b08fcd

SHA512
f04d37f608821200f2d49c772ae5618d0423eaca5aa3847ac826f7e0ea195d27b42ecd628fc5c7c818fe28fe1dcfa385876ce6088315104f9f1cfd4be768aa43

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
6e034be167c90b9514a21911f215f561

SHA1
9356977ecbe9cfb1d32482d2358710a6a4b8e6bc

SHA256
9b92bb9298c83fe7700d8264ab6a99a09794959a4b513af869bc6d72283c6955

SHA512
59b6ef6e3aaa699937840b01bba1a4eb6432fc216fb74bc982c096b52f3dc1b5834d730f3ed87d8dc63ad276ec1a78cdc08cf2323eb4b166e9353bf6647d4334

Download Submit