79e8d92d6a17ce41a8d3721cc7b897fe325c3fe5d645d089aaecda7f7cc67903

Analysis

max time kernel
127s
max time network
123s
platform
windows11-21h2_x64
resource
win11-20240802-en
resource tags

arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
submitted
15/09/2024, 05:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

lnk.exe
Size

20.5MB
MD5

8f0e2f6adef6c740e76a2506ddc9512e
SHA1

045440269af26b110075374e7de197cb71c5c1a0
SHA256

79e8d92d6a17ce41a8d3721cc7b897fe325c3fe5d645d089aaecda7f7cc67903
SHA512

807c37670f1e227902107b63bc3c03fb0bf00bf062315a24b06797ec8ed8a1507b11f7a1dd8059b75c12e93635e67c88c6920e1a2ca5a5400c2dcfa7fcd21cf0
SSDEEP

196608:Wn2zUMIxLVEfpHZAdJXTDV3ZAW2LWyiZ:cMIxL6f2DDVn2

Score

4^/10

discovery

Malware Config

Signatures

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Gathers network information 2 TTPs 2 IoCs

Uses commandline utility to view network configuration.

System Information Discovery

T1082

Command and Scripting Interpreter

T1059

pid	Process
1484	ipconfig.exe
4680	ipconfig.exe

Gathers system information 1 TTPs 1 IoCs

Runs systeminfo.exe.

System Information Discovery

T1082

pid	Process
4496	systeminfo.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133708517302986996"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
916	chrome.exe
916	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
916	chrome.exe
916	chrome.exe
916	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe

Suspicious use of FindShellTrayWindow 35 IoCs

pid	Process
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe

Suspicious use of SendNotifyMessage 16 IoCs

pid	Process
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
568	MiniSearchHost.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 916 wrote to memory of 2500	916	chrome.exe	84
PID 916 wrote to memory of 2500	916	chrome.exe	84
PID 916 wrote to memory of 3144	916	chrome.exe	85
PID 916 wrote to memory of 3144	916	chrome.exe	85
PID 916 wrote to memory of 3144	916	chrome.exe	85
PID 916 wrote to memory of 3144	916	chrome.exe	85
PID 916 wrote to memory of 3144	916	chrome.exe	85
PID 916 wrote to memory of 3144	916	chrome.exe	85
PID 916 wrote to memory of 3144	916	chrome.exe	85
PID 916 wrote to memory of 3144	916	chrome.exe	85
PID 916 wrote to memory of 3144	916	chrome.exe	85
PID 916 wrote to memory of 3144	916	chrome.exe	85
PID 916 wrote to memory of 3144	916	chrome.exe	85
PID 916 wrote to memory of 3144	916	chrome.exe	85
PID 916 wrote to memory of 3144	916	chrome.exe	85
PID 916 wrote to memory of 3144	916	chrome.exe	85
PID 916 wrote to memory of 3144	916	chrome.exe	85
PID 916 wrote to memory of 3144	916	chrome.exe	85
PID 916 wrote to memory of 3144	916	chrome.exe	85
PID 916 wrote to memory of 3144	916	chrome.exe	85
PID 916 wrote to memory of 3144	916	chrome.exe	85
PID 916 wrote to memory of 3144	916	chrome.exe	85
PID 916 wrote to memory of 3144	916	chrome.exe	85
PID 916 wrote to memory of 3144	916	chrome.exe	85
PID 916 wrote to memory of 3144	916	chrome.exe	85
PID 916 wrote to memory of 3144	916	chrome.exe	85
PID 916 wrote to memory of 3144	916	chrome.exe	85
PID 916 wrote to memory of 3144	916	chrome.exe	85
PID 916 wrote to memory of 3144	916	chrome.exe	85
PID 916 wrote to memory of 3144	916	chrome.exe	85
PID 916 wrote to memory of 3144	916	chrome.exe	85
PID 916 wrote to memory of 3144	916	chrome.exe	85
PID 916 wrote to memory of 4876	916	chrome.exe	86
PID 916 wrote to memory of 4876	916	chrome.exe	86
PID 916 wrote to memory of 4372	916	chrome.exe	87
PID 916 wrote to memory of 4372	916	chrome.exe	87
PID 916 wrote to memory of 4372	916	chrome.exe	87
PID 916 wrote to memory of 4372	916	chrome.exe	87
PID 916 wrote to memory of 4372	916	chrome.exe	87
PID 916 wrote to memory of 4372	916	chrome.exe	87
PID 916 wrote to memory of 4372	916	chrome.exe	87
PID 916 wrote to memory of 4372	916	chrome.exe	87
PID 916 wrote to memory of 4372	916	chrome.exe	87
PID 916 wrote to memory of 4372	916	chrome.exe	87
PID 916 wrote to memory of 4372	916	chrome.exe	87
PID 916 wrote to memory of 4372	916	chrome.exe	87
PID 916 wrote to memory of 4372	916	chrome.exe	87
PID 916 wrote to memory of 4372	916	chrome.exe	87
PID 916 wrote to memory of 4372	916	chrome.exe	87
PID 916 wrote to memory of 4372	916	chrome.exe	87
PID 916 wrote to memory of 4372	916	chrome.exe	87
PID 916 wrote to memory of 4372	916	chrome.exe	87
PID 916 wrote to memory of 4372	916	chrome.exe	87
PID 916 wrote to memory of 4372	916	chrome.exe	87
PID 916 wrote to memory of 4372	916	chrome.exe	87
PID 916 wrote to memory of 4372	916	chrome.exe	87
PID 916 wrote to memory of 4372	916	chrome.exe	87
PID 916 wrote to memory of 4372	916	chrome.exe	87
PID 916 wrote to memory of 4372	916	chrome.exe	87
PID 916 wrote to memory of 4372	916	chrome.exe	87
PID 916 wrote to memory of 4372	916	chrome.exe	87
PID 916 wrote to memory of 4372	916	chrome.exe	87
PID 916 wrote to memory of 4372	916	chrome.exe	87
PID 916 wrote to memory of 4372	916	chrome.exe	87

C:\Users\Admin\AppData\Local\Temp\lnk.exe
"C:\Users\Admin\AppData\Local\Temp\lnk.exe"
1⤵
PID:920

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8e73ecc40,0x7ff8e73ecc4c,0x7ff8e73ecc58
  2⤵
  PID:2500
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1808,i,18149052275366746117,17576280559812944522,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1800 /prefetch:2
  2⤵
  PID:3144
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2124,i,18149052275366746117,17576280559812944522,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2132 /prefetch:3
  2⤵
  PID:4876
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2216,i,18149052275366746117,17576280559812944522,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2308 /prefetch:8
  2⤵
  PID:4372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3120,i,18149052275366746117,17576280559812944522,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3232 /prefetch:1
  2⤵
  PID:1464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3184,i,18149052275366746117,17576280559812944522,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3296 /prefetch:1
  2⤵
  PID:3708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4412,i,18149052275366746117,17576280559812944522,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3548 /prefetch:1
  2⤵
  PID:708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3684,i,18149052275366746117,17576280559812944522,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4776 /prefetch:8
  2⤵
  PID:4260
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4904,i,18149052275366746117,17576280559812944522,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4944 /prefetch:8
  2⤵
  PID:4248

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:2924

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:4488

C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
1⤵
- Suspicious use of SetWindowsHookEx
PID:568

C:\Windows\system32\cmd.exe
"C:\Windows\system32\cmd.exe"
1⤵
PID:2304
- C:\Windows\system32\systeminfo.exe
  systeminfo
  2⤵
  - Gathers system information
  PID:4496
- C:\Windows\system32\ipconfig.exe
  ipconfig
  2⤵
  - Gathers network information
  PID:4680
- C:\Windows\system32\ipconfig.exe
  ipconfig -a
  2⤵
  - Gathers network information
  PID:1484

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
ed7adf3cc5c4dbcff6dfc5b5a6296757

SHA1
5c0e642caa46ba3e27e450b1d5b1396d5f308873

SHA256
1583b38afcd88f33ee73eb8fd5e8ae99cb8535aac2cb18ac7db67c5cb52f6a80

SHA512
2f11f002b6286c1bf97f88e7fcbf9b2af184dc8cc059bf39685f1e7d99bab077428446b05b49c8b876ec1595159b057d39a580caa5d08065d14173c75116a9b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
090749ecd8402e0ea440d2104ca74306

SHA1
3879061a5a81507ed9c6f643f630e20fcfec76e1

SHA256
24fdd2f5cca7dd017427ca346d45af7bd994dbf8c65dd144a613b0669591479d

SHA512
09f5cdffe0e6f58233c22fc77769e06e647a7aae4984a9dd5a82ea75f753d65b6e96856805208bf958636be53a126e54970d2cf23043743d200b08acd04d8017

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
eed0d0f7b37cca370f9d3a6cd4cc2be0

SHA1
479f2034f2405ef907636f27dda19eb8e2a58615

SHA256
d3fc662dce48d38ab906585342a15327f81ab424f5b5e217f0fb76f0ce2a2a55

SHA512
c3fa26b481c54ee9fcddb032659a3961798317e90e21333cbbafbc7ac0ab255b71c9502c006c3598082696f95723535b4612b6ef9aca11d6f151090fc94b8de0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
051ca2e8a495c2c391845b6804ccce26

SHA1
0ecb1fb1618f26c51b2dd642ced73e71fd2b1ca7

SHA256
892c6320732ed99aa189fb3665e43b73405783f27eef1aa303da81de219350ea

SHA512
c8bcb3e34e14e6bb847f68dd3c1e8df1b7f5235b4d61134a860addc32d1ad86a12ff9478bcbc0f5f348fb87912c7f330d655ca909bd83d02ca1c8e1cdfcd4302

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
a1f7150ce3425cfe035aeb18d9d44258

SHA1
7f93ca74a5fd9e113768e1b51b6fcdf6e68e0d52

SHA256
67a4235767512e98ba517a6e0dd6c4b404ee77e96f5508e31bac33f5febc98e4

SHA512
15d30ece9f166a737272c694d122596167a764f0be32747a74343eac3c06d1a1bd4660458bc575b9543fbdf24a8278c0e8dd5482dc1ded44f85b6a84e7f8b05e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
fcf847c66e2a4057821dc7dc09d20169

SHA1
6541762be0a3a70beb654af4e1fec3d12ed1872c

SHA256
a6dc3abc62f0ce447cca6be223710a920c397bb0a2b708e171dba78ac069fcd6

SHA512
597f414d08b891d7181cd78f2de6208a7280323e67178436609fdb949dc1cedee247a7ba53d24c2aea52a94edfa4d246edfc9be0a775d1a3eea5d7679936031b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
e157ccbd82d523243054e1195e89cbad

SHA1
fb5722e638db64eb1dd4ba36b29acae554fee625

SHA256
681d7bdadb60422195e6726e643bc5fb53b2cef3d336ded5d3c5db536c155be7

SHA512
c97729b4424c5d297949a852f21c7198b91d73cea0a7cf12d2fb0102b4eecd6b45be307b160e4bc6140d60af9ed9041a2ef5841b5a10f4d5a22e379c5a61f6c8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
208KB

MD5
160c0c251811d031f1a04b35f3ff86ce

SHA1
0710ee0bcedb934ff4c6a4c4ee0748eb6cbafdc1

SHA256
89d96bfae54fe697eb217a203edff90e2b8ea538ea176aeaada9090e272f6bbe

SHA512
4735b575bce255e27dd48989560d13fc255246a792747a32d5dfdcd67042abeaaa6e1c985aaee1c2c9c553cc4757b85adffc809e08f3b65cbfc9ec6c0b7de1fb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
208KB

MD5
aa2e72e4d8a2c142e0cde99ad5d2409a

SHA1
b3e3f909c37d84ee189fa0de64ed267a546d6faf

SHA256
921c003e72e50a9a546a518970cfd3d36fc98602d3e5196c686097a994665dfe

SHA512
d9c9fea256a99b1ed861e0e9b2bfe77885cea58efcb445d9a03a73109e7667a28a706814bdc018b7cb38b1879ed477d9486230386eeee8aeae8546e3896cffdf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
5d3f15df82d82fde42677f39d5eb9243

SHA1
39386072626bf37c0879dfeb95dc16d927961c9f

SHA256
e227174c5b0d138d48b2822978f29eee2017e9c64ee9efb8e7ba19de345b5758

SHA512
87f4b88d3152ce9c742afe28568c9cde705df17636833dee8f81a39585157ca42d7b44aa91fbbc7ef8f1e3c1cd67af31a0bdd6df55abacd3404fcbbc10164856

Download Submit