hxxps://playvalorant[.]com/en-us/download/

Resubmissions

19-09-2024 16:44

240919-t8xm1syfnc 3

19-09-2024 16:41

240919-t7k8lazarl 3

Analysis

max time kernel
97s
max time network
95s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
19-09-2024 16:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://playvalorant.com/en-us/download/

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133712377413558020"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
1824	chrome.exe
1824	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1824	chrome.exe
Token: SeCreatePagefilePrivilege	1824	chrome.exe
Token: SeShutdownPrivilege	1824	chrome.exe
Token: SeCreatePagefilePrivilege	1824	chrome.exe
Token: SeShutdownPrivilege	1824	chrome.exe
Token: SeCreatePagefilePrivilege	1824	chrome.exe
Token: SeShutdownPrivilege	1824	chrome.exe
Token: SeCreatePagefilePrivilege	1824	chrome.exe
Token: SeShutdownPrivilege	1824	chrome.exe
Token: SeCreatePagefilePrivilege	1824	chrome.exe
Token: SeShutdownPrivilege	1824	chrome.exe
Token: SeCreatePagefilePrivilege	1824	chrome.exe
Token: SeShutdownPrivilege	1824	chrome.exe
Token: SeCreatePagefilePrivilege	1824	chrome.exe
Token: SeShutdownPrivilege	1824	chrome.exe
Token: SeCreatePagefilePrivilege	1824	chrome.exe
Token: SeShutdownPrivilege	1824	chrome.exe
Token: SeCreatePagefilePrivilege	1824	chrome.exe
Token: SeShutdownPrivilege	1824	chrome.exe
Token: SeCreatePagefilePrivilege	1824	chrome.exe
Token: SeShutdownPrivilege	1824	chrome.exe
Token: SeCreatePagefilePrivilege	1824	chrome.exe
Token: SeShutdownPrivilege	1824	chrome.exe
Token: SeCreatePagefilePrivilege	1824	chrome.exe
Token: SeShutdownPrivilege	1824	chrome.exe
Token: SeCreatePagefilePrivilege	1824	chrome.exe
Token: SeShutdownPrivilege	1824	chrome.exe
Token: SeCreatePagefilePrivilege	1824	chrome.exe
Token: SeShutdownPrivilege	1824	chrome.exe
Token: SeCreatePagefilePrivilege	1824	chrome.exe
Token: SeShutdownPrivilege	1824	chrome.exe
Token: SeCreatePagefilePrivilege	1824	chrome.exe
Token: SeShutdownPrivilege	1824	chrome.exe
Token: SeCreatePagefilePrivilege	1824	chrome.exe
Token: SeShutdownPrivilege	1824	chrome.exe
Token: SeCreatePagefilePrivilege	1824	chrome.exe
Token: SeShutdownPrivilege	1824	chrome.exe
Token: SeCreatePagefilePrivilege	1824	chrome.exe
Token: SeShutdownPrivilege	1824	chrome.exe
Token: SeCreatePagefilePrivilege	1824	chrome.exe
Token: SeShutdownPrivilege	1824	chrome.exe
Token: SeCreatePagefilePrivilege	1824	chrome.exe
Token: SeShutdownPrivilege	1824	chrome.exe
Token: SeCreatePagefilePrivilege	1824	chrome.exe
Token: SeShutdownPrivilege	1824	chrome.exe
Token: SeCreatePagefilePrivilege	1824	chrome.exe
Token: SeShutdownPrivilege	1824	chrome.exe
Token: SeCreatePagefilePrivilege	1824	chrome.exe
Token: SeShutdownPrivilege	1824	chrome.exe
Token: SeCreatePagefilePrivilege	1824	chrome.exe
Token: SeShutdownPrivilege	1824	chrome.exe
Token: SeCreatePagefilePrivilege	1824	chrome.exe
Token: SeShutdownPrivilege	1824	chrome.exe
Token: SeCreatePagefilePrivilege	1824	chrome.exe
Token: SeShutdownPrivilege	1824	chrome.exe
Token: SeCreatePagefilePrivilege	1824	chrome.exe
Token: SeShutdownPrivilege	1824	chrome.exe
Token: SeCreatePagefilePrivilege	1824	chrome.exe
Token: SeShutdownPrivilege	1824	chrome.exe
Token: SeCreatePagefilePrivilege	1824	chrome.exe
Token: SeShutdownPrivilege	1824	chrome.exe
Token: SeCreatePagefilePrivilege	1824	chrome.exe
Token: SeShutdownPrivilege	1824	chrome.exe
Token: SeCreatePagefilePrivilege	1824	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe
1824	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1824 wrote to memory of 3016	1824	chrome.exe	82
PID 1824 wrote to memory of 3016	1824	chrome.exe	82
PID 1824 wrote to memory of 3288	1824	chrome.exe	83
PID 1824 wrote to memory of 3288	1824	chrome.exe	83
PID 1824 wrote to memory of 3288	1824	chrome.exe	83
PID 1824 wrote to memory of 3288	1824	chrome.exe	83
PID 1824 wrote to memory of 3288	1824	chrome.exe	83
PID 1824 wrote to memory of 3288	1824	chrome.exe	83
PID 1824 wrote to memory of 3288	1824	chrome.exe	83
PID 1824 wrote to memory of 3288	1824	chrome.exe	83
PID 1824 wrote to memory of 3288	1824	chrome.exe	83
PID 1824 wrote to memory of 3288	1824	chrome.exe	83
PID 1824 wrote to memory of 3288	1824	chrome.exe	83
PID 1824 wrote to memory of 3288	1824	chrome.exe	83
PID 1824 wrote to memory of 3288	1824	chrome.exe	83
PID 1824 wrote to memory of 3288	1824	chrome.exe	83
PID 1824 wrote to memory of 3288	1824	chrome.exe	83
PID 1824 wrote to memory of 3288	1824	chrome.exe	83
PID 1824 wrote to memory of 3288	1824	chrome.exe	83
PID 1824 wrote to memory of 3288	1824	chrome.exe	83
PID 1824 wrote to memory of 3288	1824	chrome.exe	83
PID 1824 wrote to memory of 3288	1824	chrome.exe	83
PID 1824 wrote to memory of 3288	1824	chrome.exe	83
PID 1824 wrote to memory of 3288	1824	chrome.exe	83
PID 1824 wrote to memory of 3288	1824	chrome.exe	83
PID 1824 wrote to memory of 3288	1824	chrome.exe	83
PID 1824 wrote to memory of 3288	1824	chrome.exe	83
PID 1824 wrote to memory of 3288	1824	chrome.exe	83
PID 1824 wrote to memory of 3288	1824	chrome.exe	83
PID 1824 wrote to memory of 3288	1824	chrome.exe	83
PID 1824 wrote to memory of 3288	1824	chrome.exe	83
PID 1824 wrote to memory of 3288	1824	chrome.exe	83
PID 1824 wrote to memory of 2952	1824	chrome.exe	84
PID 1824 wrote to memory of 2952	1824	chrome.exe	84
PID 1824 wrote to memory of 4772	1824	chrome.exe	85
PID 1824 wrote to memory of 4772	1824	chrome.exe	85
PID 1824 wrote to memory of 4772	1824	chrome.exe	85
PID 1824 wrote to memory of 4772	1824	chrome.exe	85
PID 1824 wrote to memory of 4772	1824	chrome.exe	85
PID 1824 wrote to memory of 4772	1824	chrome.exe	85
PID 1824 wrote to memory of 4772	1824	chrome.exe	85
PID 1824 wrote to memory of 4772	1824	chrome.exe	85
PID 1824 wrote to memory of 4772	1824	chrome.exe	85
PID 1824 wrote to memory of 4772	1824	chrome.exe	85
PID 1824 wrote to memory of 4772	1824	chrome.exe	85
PID 1824 wrote to memory of 4772	1824	chrome.exe	85
PID 1824 wrote to memory of 4772	1824	chrome.exe	85
PID 1824 wrote to memory of 4772	1824	chrome.exe	85
PID 1824 wrote to memory of 4772	1824	chrome.exe	85
PID 1824 wrote to memory of 4772	1824	chrome.exe	85
PID 1824 wrote to memory of 4772	1824	chrome.exe	85
PID 1824 wrote to memory of 4772	1824	chrome.exe	85
PID 1824 wrote to memory of 4772	1824	chrome.exe	85
PID 1824 wrote to memory of 4772	1824	chrome.exe	85
PID 1824 wrote to memory of 4772	1824	chrome.exe	85
PID 1824 wrote to memory of 4772	1824	chrome.exe	85
PID 1824 wrote to memory of 4772	1824	chrome.exe	85
PID 1824 wrote to memory of 4772	1824	chrome.exe	85
PID 1824 wrote to memory of 4772	1824	chrome.exe	85
PID 1824 wrote to memory of 4772	1824	chrome.exe	85
PID 1824 wrote to memory of 4772	1824	chrome.exe	85
PID 1824 wrote to memory of 4772	1824	chrome.exe	85
PID 1824 wrote to memory of 4772	1824	chrome.exe	85
PID 1824 wrote to memory of 4772	1824	chrome.exe	85

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://playvalorant.com/en-us/download/
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffa591ccc40,0x7ffa591ccc4c,0x7ffa591ccc58
  2⤵
  PID:3016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1900,i,7586885648981191915,13489392003132824203,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=1896 /prefetch:2
  2⤵
  PID:3288
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2124,i,7586885648981191915,13489392003132824203,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=2160 /prefetch:3
  2⤵
  PID:2952
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2216,i,7586885648981191915,13489392003132824203,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=2420 /prefetch:8
  2⤵
  PID:4772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3132,i,7586885648981191915,13489392003132824203,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3168 /prefetch:1
  2⤵
  PID:3012
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3140,i,7586885648981191915,13489392003132824203,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3296 /prefetch:1
  2⤵
  PID:2268
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4460,i,7586885648981191915,13489392003132824203,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4544 /prefetch:1
  2⤵
  PID:2756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=4424,i,7586885648981191915,13489392003132824203,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4480 /prefetch:8
  2⤵
  PID:1236
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4860,i,7586885648981191915,13489392003132824203,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4492 /prefetch:1
  2⤵
  PID:1940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3204,i,7586885648981191915,13489392003132824203,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5080 /prefetch:8
  2⤵
  PID:1312
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5108,i,7586885648981191915,13489392003132824203,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3824 /prefetch:1
  2⤵
  PID:3292

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:4956

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x308 0x2ec
1⤵
PID:2708

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:3620

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
655956daf4c598460b349a872afc6fc0

SHA1
2c62567462c36f50abbe7182bc3e76c5aed8c3fd

SHA256
b45344598601a1fc2fc4e1d196f4812af90d8b2d840be4fdaf2e2643e37f0594

SHA512
e0256938e018188ffb6be26a480030417459b72bb23b6ef6f9fbf6376ff610a6497acb4d0a4a69f7341882be8e60b10778d371896efd432356e68578acc1ec77

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
336B

MD5
2fa877b357c2fa629fd0fc9c98fb4caf

SHA1
444ae288164656ca2aeecf2eb004dbb983450021

SHA256
ba4fd1db77d0693734589ce6baaa779e2ce55a611293dd179f72aaa963fd598f

SHA512
88d3f65e32840400d1e24d5a6f7fb0fa3966f4f503bfa24e74813ffd9635d2338daeb0578126b8afee4b07fc54d2fa2479ca93c2b36f7fd984b076e5cd939330

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
d134efcdbf84f7f6b98390c403768633

SHA1
bd7966e0939206eee0e97d0006674de4bd7eecb2

SHA256
65c12740e3f1bae0006d527599a28269b2240bb4590d3a6a29e61072b56839ec

SHA512
3b0aae89f0a60e6620bd18287b27fc9197aacd634867cabc1b03192b981778476e5b287766c3a25b6678bc3d1d10d279c939cc961d667a3004fc8f8d33f5a7be

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
855B

MD5
d8afb2b3d9d944847ceee1b082e40676

SHA1
0935b5519e5d14d39ec760d4a087ee6c5026cede

SHA256
00dc2f96e8bab6d54962b11aac81a9f2754685ccbbfa040a0e7a0d6aefafaf7d

SHA512
f7e20591936567b39d1487f6c3d7a05092272eaabd26f8e06be1aff3f45f155c67df27bbec7e8d1d8cb874b4d57acafae9f6c4c6362a8f1f1a706af23233d533

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
d1a2e49f3faaebccaaad14cadfa0aae2

SHA1
f483f5c711d220f9e4e849057564466d01aa576d

SHA256
2a52f44dc74393a63e23f7ed38be1350c0dd98f49dc5cda14cf013eb67ecc257

SHA512
44e5f9e208d25e484ac098d10f6ed2d8e067481101d60fbda114f9ae50659461ce1506dbd0a5eed4d71ce207d03299ce0688dedf0cff4d3891bad14bfaef05c9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
541bc5890a9209aec48657a8c4131819

SHA1
25a73623e454081c8d9c7c93d7ed6da61170e840

SHA256
f9dc079274e107ec550ef76a15d5704a00b0e5b3dbd46765d0352379362d195c

SHA512
4913cef6797b5a3db2fba918da5d1cadbd91905f02d7030de52255ceeaa36c044d9b57667afb2c48a1db8da0fee9277d9a5e3eaa743167539f1878b88b57aae7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
a6679b35499ae826a0ccd5c675d3e3a6

SHA1
d9acdd50eed5c8dbece71a0096d0082fe4ddee41

SHA256
e1e478abb42c7acf9a73e3eee88b352cc7b51e6e0605b111d3158d6ccd7f57b1

SHA512
095f5687fb53edc3f83fdf197d97fcf7aed5b905f0913f166913e06ad0c386b050a8db37fc823d867de9eace651af5ff07b5f2aa2b9f4fa013cfd942617a6460

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
75f84d2d9a9ff91590af7345a4970743

SHA1
96f2ab4c5e3912e1c5a18ebad4beccbf9b257ca7

SHA256
e932b140cb08fdf5ccd3bf0e16a076275c7bb614ca82800c9839e5b443b96636

SHA512
1121490b7edbe995ecc33b5ae219ec21864bf6c6c94589e6a5bf91afa9d5609c99badc9d71d611dfc7287389ac83bb9592965db92a8b2e190e2f3f0ec5d83877

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
0479af7ea24e892a009cf88a9ab64950

SHA1
762f3196d3bd846d0b05b8f8d7e3b45e70205ba0

SHA256
86228bff0394175ea01d28d8ea5787b5239f04f9b6b19bdf52a203d747dfa1c0

SHA512
bfdfb91971d0428c9e8d407e6ab6b4d4356bb4202861e79fb3c47e73145a08744edb7fe2d853b060c84a555d59a3e1494b4093370030c2432da55e871a791551

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
fa59d2f6244f681844dccb47839ec27c

SHA1
c14810b443ea8b2b37b027635770956dff505772

SHA256
a2648f102348534318913b2e411c9f0a258784606e31c6b657f9fd9719b3e65c

SHA512
3c2d88ffeba8df81b5c8d4d6dbe6556713a954f065032cc9e1d1226a6f6cfe36f7816f693a6632cdbb56ef612e7c48e761d63b1e6a70de1e2a0e122fdfa9bcd8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
b9f720b2392b52709409712e2a995e80

SHA1
9f3e54463b1f66e3245a519d24b73f54555c640d

SHA256
316d116b9f4f95ee30329650d2c5bf2ee1c08242490fc9ce29684b9e7a782159

SHA512
9f03cd0280ae4ad604b6015e7f44c4b137dfa8ae1ed65fa84ff2789d4ac6239c71d3329ede32bd2c7f8705e15f056e236e163131dbf53ebeb2a4cb8493a93e64

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
a197899571952ee997ad7a43c1571355

SHA1
21f78ef57a3b9bd397a36cd59076ef95ceae96b8

SHA256
8795318336366a6212b31cb3bcb3fc3fe5eb72f34f0597dfc9238ecd1d5cada0

SHA512
024382d932550869af5f96927346823b7ba8a6210cc9d0d9159da4f1a0b361b64b4aae2c5cfee07fd4f68c82045d79db13a9924134a3e4f2afbbc4867a4da6fb

Download Submit