hxxps://dev[.]gateway[.]medium-voltage-devices[.]salesconfigurator[.]abb[.]com/?Accept-Charset

Analysis

max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
13/09/2024, 07:15

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://dev.gateway.medium-voltage-devices.salesconfigurator.abb.com/?Accept-Charset

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133706853725825252"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
412	chrome.exe
412	chrome.exe
3396	chrome.exe
3396	chrome.exe
3396	chrome.exe
3396	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
412	chrome.exe
412	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	412	chrome.exe
Token: SeCreatePagefilePrivilege	412	chrome.exe
Token: SeShutdownPrivilege	412	chrome.exe
Token: SeCreatePagefilePrivilege	412	chrome.exe
Token: SeShutdownPrivilege	412	chrome.exe
Token: SeCreatePagefilePrivilege	412	chrome.exe
Token: SeShutdownPrivilege	412	chrome.exe
Token: SeCreatePagefilePrivilege	412	chrome.exe
Token: SeShutdownPrivilege	412	chrome.exe
Token: SeCreatePagefilePrivilege	412	chrome.exe
Token: SeShutdownPrivilege	412	chrome.exe
Token: SeCreatePagefilePrivilege	412	chrome.exe
Token: SeShutdownPrivilege	412	chrome.exe
Token: SeCreatePagefilePrivilege	412	chrome.exe
Token: SeShutdownPrivilege	412	chrome.exe
Token: SeCreatePagefilePrivilege	412	chrome.exe
Token: SeShutdownPrivilege	412	chrome.exe
Token: SeCreatePagefilePrivilege	412	chrome.exe
Token: SeShutdownPrivilege	412	chrome.exe
Token: SeCreatePagefilePrivilege	412	chrome.exe
Token: SeShutdownPrivilege	412	chrome.exe
Token: SeCreatePagefilePrivilege	412	chrome.exe
Token: SeShutdownPrivilege	412	chrome.exe
Token: SeCreatePagefilePrivilege	412	chrome.exe
Token: SeShutdownPrivilege	412	chrome.exe
Token: SeCreatePagefilePrivilege	412	chrome.exe
Token: SeShutdownPrivilege	412	chrome.exe
Token: SeCreatePagefilePrivilege	412	chrome.exe
Token: SeShutdownPrivilege	412	chrome.exe
Token: SeCreatePagefilePrivilege	412	chrome.exe
Token: SeShutdownPrivilege	412	chrome.exe
Token: SeCreatePagefilePrivilege	412	chrome.exe
Token: SeShutdownPrivilege	412	chrome.exe
Token: SeCreatePagefilePrivilege	412	chrome.exe
Token: SeShutdownPrivilege	412	chrome.exe
Token: SeCreatePagefilePrivilege	412	chrome.exe
Token: SeShutdownPrivilege	412	chrome.exe
Token: SeCreatePagefilePrivilege	412	chrome.exe
Token: SeShutdownPrivilege	412	chrome.exe
Token: SeCreatePagefilePrivilege	412	chrome.exe
Token: SeShutdownPrivilege	412	chrome.exe
Token: SeCreatePagefilePrivilege	412	chrome.exe
Token: SeShutdownPrivilege	412	chrome.exe
Token: SeCreatePagefilePrivilege	412	chrome.exe
Token: SeShutdownPrivilege	412	chrome.exe
Token: SeCreatePagefilePrivilege	412	chrome.exe
Token: SeShutdownPrivilege	412	chrome.exe
Token: SeCreatePagefilePrivilege	412	chrome.exe
Token: SeShutdownPrivilege	412	chrome.exe
Token: SeCreatePagefilePrivilege	412	chrome.exe
Token: SeShutdownPrivilege	412	chrome.exe
Token: SeCreatePagefilePrivilege	412	chrome.exe
Token: SeShutdownPrivilege	412	chrome.exe
Token: SeCreatePagefilePrivilege	412	chrome.exe
Token: SeShutdownPrivilege	412	chrome.exe
Token: SeCreatePagefilePrivilege	412	chrome.exe
Token: SeShutdownPrivilege	412	chrome.exe
Token: SeCreatePagefilePrivilege	412	chrome.exe
Token: SeShutdownPrivilege	412	chrome.exe
Token: SeCreatePagefilePrivilege	412	chrome.exe
Token: SeShutdownPrivilege	412	chrome.exe
Token: SeCreatePagefilePrivilege	412	chrome.exe
Token: SeShutdownPrivilege	412	chrome.exe
Token: SeCreatePagefilePrivilege	412	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
412	chrome.exe
412	chrome.exe
412	chrome.exe
412	chrome.exe
412	chrome.exe
412	chrome.exe
412	chrome.exe
412	chrome.exe
412	chrome.exe
412	chrome.exe
412	chrome.exe
412	chrome.exe
412	chrome.exe
412	chrome.exe
412	chrome.exe
412	chrome.exe
412	chrome.exe
412	chrome.exe
412	chrome.exe
412	chrome.exe
412	chrome.exe
412	chrome.exe
412	chrome.exe
412	chrome.exe
412	chrome.exe
412	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
412	chrome.exe
412	chrome.exe
412	chrome.exe
412	chrome.exe
412	chrome.exe
412	chrome.exe
412	chrome.exe
412	chrome.exe
412	chrome.exe
412	chrome.exe
412	chrome.exe
412	chrome.exe
412	chrome.exe
412	chrome.exe
412	chrome.exe
412	chrome.exe
412	chrome.exe
412	chrome.exe
412	chrome.exe
412	chrome.exe
412	chrome.exe
412	chrome.exe
412	chrome.exe
412	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 412 wrote to memory of 3240	412	chrome.exe	83
PID 412 wrote to memory of 3240	412	chrome.exe	83
PID 412 wrote to memory of 2912	412	chrome.exe	84
PID 412 wrote to memory of 2912	412	chrome.exe	84
PID 412 wrote to memory of 2912	412	chrome.exe	84
PID 412 wrote to memory of 2912	412	chrome.exe	84
PID 412 wrote to memory of 2912	412	chrome.exe	84
PID 412 wrote to memory of 2912	412	chrome.exe	84
PID 412 wrote to memory of 2912	412	chrome.exe	84
PID 412 wrote to memory of 2912	412	chrome.exe	84
PID 412 wrote to memory of 2912	412	chrome.exe	84
PID 412 wrote to memory of 2912	412	chrome.exe	84
PID 412 wrote to memory of 2912	412	chrome.exe	84
PID 412 wrote to memory of 2912	412	chrome.exe	84
PID 412 wrote to memory of 2912	412	chrome.exe	84
PID 412 wrote to memory of 2912	412	chrome.exe	84
PID 412 wrote to memory of 2912	412	chrome.exe	84
PID 412 wrote to memory of 2912	412	chrome.exe	84
PID 412 wrote to memory of 2912	412	chrome.exe	84
PID 412 wrote to memory of 2912	412	chrome.exe	84
PID 412 wrote to memory of 2912	412	chrome.exe	84
PID 412 wrote to memory of 2912	412	chrome.exe	84
PID 412 wrote to memory of 2912	412	chrome.exe	84
PID 412 wrote to memory of 2912	412	chrome.exe	84
PID 412 wrote to memory of 2912	412	chrome.exe	84
PID 412 wrote to memory of 2912	412	chrome.exe	84
PID 412 wrote to memory of 2912	412	chrome.exe	84
PID 412 wrote to memory of 2912	412	chrome.exe	84
PID 412 wrote to memory of 2912	412	chrome.exe	84
PID 412 wrote to memory of 2912	412	chrome.exe	84
PID 412 wrote to memory of 2912	412	chrome.exe	84
PID 412 wrote to memory of 2912	412	chrome.exe	84
PID 412 wrote to memory of 3412	412	chrome.exe	85
PID 412 wrote to memory of 3412	412	chrome.exe	85
PID 412 wrote to memory of 940	412	chrome.exe	86
PID 412 wrote to memory of 940	412	chrome.exe	86
PID 412 wrote to memory of 940	412	chrome.exe	86
PID 412 wrote to memory of 940	412	chrome.exe	86
PID 412 wrote to memory of 940	412	chrome.exe	86
PID 412 wrote to memory of 940	412	chrome.exe	86
PID 412 wrote to memory of 940	412	chrome.exe	86
PID 412 wrote to memory of 940	412	chrome.exe	86
PID 412 wrote to memory of 940	412	chrome.exe	86
PID 412 wrote to memory of 940	412	chrome.exe	86
PID 412 wrote to memory of 940	412	chrome.exe	86
PID 412 wrote to memory of 940	412	chrome.exe	86
PID 412 wrote to memory of 940	412	chrome.exe	86
PID 412 wrote to memory of 940	412	chrome.exe	86
PID 412 wrote to memory of 940	412	chrome.exe	86
PID 412 wrote to memory of 940	412	chrome.exe	86
PID 412 wrote to memory of 940	412	chrome.exe	86
PID 412 wrote to memory of 940	412	chrome.exe	86
PID 412 wrote to memory of 940	412	chrome.exe	86
PID 412 wrote to memory of 940	412	chrome.exe	86
PID 412 wrote to memory of 940	412	chrome.exe	86
PID 412 wrote to memory of 940	412	chrome.exe	86
PID 412 wrote to memory of 940	412	chrome.exe	86
PID 412 wrote to memory of 940	412	chrome.exe	86
PID 412 wrote to memory of 940	412	chrome.exe	86
PID 412 wrote to memory of 940	412	chrome.exe	86
PID 412 wrote to memory of 940	412	chrome.exe	86
PID 412 wrote to memory of 940	412	chrome.exe	86
PID 412 wrote to memory of 940	412	chrome.exe	86
PID 412 wrote to memory of 940	412	chrome.exe	86

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://dev.gateway.medium-voltage-devices.salesconfigurator.abb.com/?Accept-Charset
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffd9562cc40,0x7ffd9562cc4c,0x7ffd9562cc58
  2⤵
  PID:3240
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1972,i,12478752925207369272,13925725608352628504,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1968 /prefetch:2
  2⤵
  PID:2912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2144,i,12478752925207369272,13925725608352628504,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2156 /prefetch:3
  2⤵
  PID:3412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2240,i,12478752925207369272,13925725608352628504,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2396 /prefetch:8
  2⤵
  PID:940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3108,i,12478752925207369272,13925725608352628504,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3156 /prefetch:1
  2⤵
  PID:2204
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3116,i,12478752925207369272,13925725608352628504,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3196 /prefetch:1
  2⤵
  PID:2872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4820,i,12478752925207369272,13925725608352628504,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4832 /prefetch:8
  2⤵
  PID:4492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4844,i,12478752925207369272,13925725608352628504,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=728 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3396

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:2628

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:1356

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
727d5afbfcb5c25ed9988c5c7c8b2c80

SHA1
7dbecfc5e0e363c4cd629db475ed19f411f81d95

SHA256
6068cc614f845f1276d5481a18676d355f23be8753e7b3d1a4c5d5e98da0e124

SHA512
320d5699e17341eccb43a50d34c57d55bbbc1590a7f0aeed5a79471fc18970149d09d0431795195b2d5173d2cf40131747c2452cc78a82ac47ca86b2323e3176

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
d8fcf3a66fa539c6da1d6800cd98f775

SHA1
02bd3d76328cfd7105187a8da0dfdb783c666878

SHA256
df16d2b4dadd4f10253818988b39b05f3bda9d1f551391cb560604c1ed209f27

SHA512
626616b737660dcefdd0f159d86ef9c4f02409d2add22f975d8d928046f4ebb8a5cbeda2cb80deefb23343fa5ea1f55a0d3a5911aa0da9bea93858283e89bbd3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
d31d7000967bed7374016c6a860a3e4b

SHA1
11d8d839820108b79c98a154c6fb09d5d0dc4870

SHA256
2d0f5a93f64c0ffba9062d84830646131636c4acf066ac33106c63b43d197522

SHA512
c2ddb85938519757ff148a42efbe752ca14d7687cacbfd6b51def854ac02dda588cd91c26955aa5bd3fc38b0c0b120431cdc5f2618bccdfb2a8eda8d5d46e37c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
987d04cdc0588594a3141e3bcac43021

SHA1
18162b35ed5c60249785a760c54584a2d469d835

SHA256
2999fdf124c93e01fa8833180aa589be5f3603f0fa63f1e2f73cd227c22b0ea1

SHA512
cf498f212ac5cba62d996aa978d5fb703a63a53746b204691616efef350e92fe21d38e61a3433bfa227a8a07c757052cbe891b886e2e03423d26ce0ac005c9ec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
2ed3d1397d7690c5ca6ff400eac445a9

SHA1
7391462a416b54fd9370a6f757805afe62f6b4b8

SHA256
7e76e3de5f7c9763b798f574282427693710f712f0748c6a1e8189428038c74e

SHA512
f107eb5d3c24d6a234776e257c45d03a60da6d9b8b380da93ccf120212ce437900ec1ec74d131760f6c79abe4c9ecd5a581948b7f1653f8dc048173a93a23f5f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
290ead0a1fa5f9712ca9c84ddd147e24

SHA1
c38f49c58e090a7d0eec4a9376d6010ae4c9cd03

SHA256
f871e2f123bb571e1acc52abe63ee2846c7b2b5b8d53c34350e7bc965c32d1b4

SHA512
7e3592d6765ff83ef5f243f243d05a48ab70b4d0f6f9663415003b6e20c83f9fcdd6f032e090306b2faa9a0ce3dcc0f999be8db358c41a566becaa3998fd0992

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
1bb721fe688fcf4d073e5c5722a66193

SHA1
41fee9a9f2c07f76712e072120e5e5dc37d763d7

SHA256
4d5d95f1201b67c2c0e3659f5649ce8cb5672d7978001793bb9b8fc8ab06ac5c

SHA512
cb387c6a00ac302c267ef071647482680e2020fca1416f0288622dd89bbd8ff8d12ede47150d52df53c093843aecb4943d311088132ff40a505205d58fbed674

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
0cd6bf043aacbb4c9b56b2c93634b047

SHA1
53aa17601afc3613db80c850a274066a58eb279e

SHA256
32f20312ace38b4597c0fd18422dcf61b42c0d073056cc90e6b915b196d68290

SHA512
61990b0239e0257879d69c41f1c81f30c329ce81797d940f9e2a8aaeecbbcc82a5d4be7eeee1f53c764513588a132a5c5040a803eba2956b48c7a01351d57618

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
aef543a4b557489a13c001cc8d1b3f4b

SHA1
a838cc293ed0c0495ed03cde2baff93e45d82801

SHA256
0ae63b0bbbe975a964acc5497d40729dd3fb8c9031fe3ebfd4a7fd2d4cf96445

SHA512
338c2358ea6a37cdc49bf48438e9cf49b8d6cf59c7b122e3bbeb1b2419322d83cbe0c6dcd9c78e743001ad83a60d607c28d30be4cd268908733e37e1b9385de1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
855e1f1665b94d37144eb26e7aeaa37f

SHA1
b401c1a2b7caddff0e00e2c4e40920a5dbc1dd89

SHA256
ea85ec5137695b59b2f65b6a15ce0ffa158d9774be9cd514ea797be060298b21

SHA512
88167c8e939efb26310fb96005c4658cf685dbb9f3c7da650e7788c2985635ac7680bce6b67d11f2a12ee1b3cc0b96d02184e85ba1ef68be6f96711d853ba401

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
8c36595d05d39b7155bea75780b4e5b5

SHA1
aaccdbbd4a9069427403803b2430c92b37c98668

SHA256
19c2ee56af13e1593c9d97a01691c560eb3c8afaf82e067f408baf51ee3a96f5

SHA512
aa3920b48132f257d8fdf23b9883086933b8e8e2fb4b9cce13cf7f727e6806d4bd8b393828ed998120a3dfb020182c371bb3a6fa39df27a1a7ba0f35cb6b2b9d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
a8936bf076b62c8f008e07f3d199f8d9

SHA1
2f43d9601834bd0891ca695c92d515617e3ec00f

SHA256
069aa3cec41be61b47fe32f38552ce549f2a152d392735f5370f80e32fd7e007

SHA512
9101557f036a00190bec1167d57b914cfa8420d6158c57e008eea5f53b6a0408fe925ecf5653b479c16ccff2fd3d0f36d897f11c30e833fbf6bc363b16f7da33

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
80ae9018ce37ca84785566d5c69a1d1c

SHA1
4bc90b50cea2c2d72d40f0b82bd6367590cbfa50

SHA256
b10dfa00e3113ff3f412de2aaab4cd43650ae51cdc6de25248fa93f6a67fc4e4

SHA512
f8b150d9b46e962bae2649636168ccfbd511c3b89ce66c4320b750fca972f9da0f33fbba201a61c07a9da800746c2805bddc3655b97d8dc56e7fb764b02ed042

Download Submit