26e86e980f31f60fa42265880d35e7fce1a51ab2b81fc1e4594b23ee06142b7e

Analysis

max time kernel
52s
max time network
52s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
29/09/2024, 01:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Release/mapper/map.exe
Size

136KB
MD5

92712a1da1efe0bbcf9eaadd8a7faff3
SHA1

739e9730805fcc64548afd1fc9cd576fd26b3f39
SHA256

84ec6081bdde2b3b557ea1151365b7cc046af1a9b847b004870dea390f4417d9
SHA512

3b8c567c7d48457a36d25d888fa87307aa2db6e948d6a57f724737be8dcc2b4f14616111efdc9af78159bc31066acc82eb6b267bd074dd2dd36c6f79cdaf85db
SSDEEP

3072:A3NUXtqYVVOjYET8BTfbvrwLd1vsaNQjpGg8EnG:azYcYjIg8a

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133720454646030487"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2432	chrome.exe
2432	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe

Suspicious use of AdjustPrivilegeToken 56 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2432 wrote to memory of 4408	2432	chrome.exe	93
PID 2432 wrote to memory of 4408	2432	chrome.exe	93
PID 2432 wrote to memory of 2348	2432	chrome.exe	94
PID 2432 wrote to memory of 2348	2432	chrome.exe	94
PID 2432 wrote to memory of 2348	2432	chrome.exe	94
PID 2432 wrote to memory of 2348	2432	chrome.exe	94
PID 2432 wrote to memory of 2348	2432	chrome.exe	94
PID 2432 wrote to memory of 2348	2432	chrome.exe	94
PID 2432 wrote to memory of 2348	2432	chrome.exe	94
PID 2432 wrote to memory of 2348	2432	chrome.exe	94
PID 2432 wrote to memory of 2348	2432	chrome.exe	94
PID 2432 wrote to memory of 2348	2432	chrome.exe	94
PID 2432 wrote to memory of 2348	2432	chrome.exe	94
PID 2432 wrote to memory of 2348	2432	chrome.exe	94
PID 2432 wrote to memory of 2348	2432	chrome.exe	94
PID 2432 wrote to memory of 2348	2432	chrome.exe	94
PID 2432 wrote to memory of 2348	2432	chrome.exe	94
PID 2432 wrote to memory of 2348	2432	chrome.exe	94
PID 2432 wrote to memory of 2348	2432	chrome.exe	94
PID 2432 wrote to memory of 2348	2432	chrome.exe	94
PID 2432 wrote to memory of 2348	2432	chrome.exe	94
PID 2432 wrote to memory of 2348	2432	chrome.exe	94
PID 2432 wrote to memory of 2348	2432	chrome.exe	94
PID 2432 wrote to memory of 2348	2432	chrome.exe	94
PID 2432 wrote to memory of 2348	2432	chrome.exe	94
PID 2432 wrote to memory of 2348	2432	chrome.exe	94
PID 2432 wrote to memory of 2348	2432	chrome.exe	94
PID 2432 wrote to memory of 2348	2432	chrome.exe	94
PID 2432 wrote to memory of 2348	2432	chrome.exe	94
PID 2432 wrote to memory of 2348	2432	chrome.exe	94
PID 2432 wrote to memory of 2348	2432	chrome.exe	94
PID 2432 wrote to memory of 2348	2432	chrome.exe	94
PID 2432 wrote to memory of 4588	2432	chrome.exe	95
PID 2432 wrote to memory of 4588	2432	chrome.exe	95
PID 2432 wrote to memory of 2788	2432	chrome.exe	96
PID 2432 wrote to memory of 2788	2432	chrome.exe	96
PID 2432 wrote to memory of 2788	2432	chrome.exe	96
PID 2432 wrote to memory of 2788	2432	chrome.exe	96
PID 2432 wrote to memory of 2788	2432	chrome.exe	96
PID 2432 wrote to memory of 2788	2432	chrome.exe	96
PID 2432 wrote to memory of 2788	2432	chrome.exe	96
PID 2432 wrote to memory of 2788	2432	chrome.exe	96
PID 2432 wrote to memory of 2788	2432	chrome.exe	96
PID 2432 wrote to memory of 2788	2432	chrome.exe	96
PID 2432 wrote to memory of 2788	2432	chrome.exe	96
PID 2432 wrote to memory of 2788	2432	chrome.exe	96
PID 2432 wrote to memory of 2788	2432	chrome.exe	96
PID 2432 wrote to memory of 2788	2432	chrome.exe	96
PID 2432 wrote to memory of 2788	2432	chrome.exe	96
PID 2432 wrote to memory of 2788	2432	chrome.exe	96
PID 2432 wrote to memory of 2788	2432	chrome.exe	96
PID 2432 wrote to memory of 2788	2432	chrome.exe	96
PID 2432 wrote to memory of 2788	2432	chrome.exe	96
PID 2432 wrote to memory of 2788	2432	chrome.exe	96
PID 2432 wrote to memory of 2788	2432	chrome.exe	96
PID 2432 wrote to memory of 2788	2432	chrome.exe	96
PID 2432 wrote to memory of 2788	2432	chrome.exe	96
PID 2432 wrote to memory of 2788	2432	chrome.exe	96
PID 2432 wrote to memory of 2788	2432	chrome.exe	96
PID 2432 wrote to memory of 2788	2432	chrome.exe	96
PID 2432 wrote to memory of 2788	2432	chrome.exe	96
PID 2432 wrote to memory of 2788	2432	chrome.exe	96
PID 2432 wrote to memory of 2788	2432	chrome.exe	96
PID 2432 wrote to memory of 2788	2432	chrome.exe	96

C:\Users\Admin\AppData\Local\Temp\Release\mapper\map.exe
"C:\Users\Admin\AppData\Local\Temp\Release\mapper\map.exe"
1⤵
PID:1864

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ff9a87fcc40,0x7ff9a87fcc4c,0x7ff9a87fcc58
  2⤵
  PID:4408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2000,i,125371883545891797,3110180851356545422,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=1996 /prefetch:2
  2⤵
  PID:2348
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2060,i,125371883545891797,3110180851356545422,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=2572 /prefetch:3
  2⤵
  PID:4588
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2204,i,125371883545891797,3110180851356545422,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=2580 /prefetch:8
  2⤵
  PID:2788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3200,i,125371883545891797,3110180851356545422,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3216 /prefetch:1
  2⤵
  PID:1960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3392,i,125371883545891797,3110180851356545422,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3472 /prefetch:1
  2⤵
  PID:3872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3728,i,125371883545891797,3110180851356545422,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4556 /prefetch:1
  2⤵
  PID:804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4724,i,125371883545891797,3110180851356545422,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4736 /prefetch:8
  2⤵
  PID:764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4856,i,125371883545891797,3110180851356545422,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4868 /prefetch:8
  2⤵
  PID:4464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4720,i,125371883545891797,3110180851356545422,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4944 /prefetch:8
  2⤵
  PID:868
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5032,i,125371883545891797,3110180851356545422,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5108 /prefetch:8
  2⤵
  PID:1032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5232,i,125371883545891797,3110180851356545422,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5164 /prefetch:1
  2⤵
  PID:4324
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5148,i,125371883545891797,3110180851356545422,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4948 /prefetch:1
  2⤵
  PID:860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5256,i,125371883545891797,3110180851356545422,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4656 /prefetch:1
  2⤵
  PID:4244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=3404,i,125371883545891797,3110180851356545422,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3456 /prefetch:1
  2⤵
  PID:1012

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:5116

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:1636

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
c38270692086abfdcb6d1bb2809d08ac

SHA1
7927c2f64c2cc02446d33a43282c2da4a891b7c0

SHA256
7d4560a6675b5d45d06753dc715c8b4a38280bf25bddbc44a4217edf06e84f3d

SHA512
78d7c8fdcd2ab5a01ec8cd8ed35348add59406f87b2552a3e5472b7433190d8578816803801521256859979ef28f4b428604fac9de0401a5e33328918301a354

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
522B

MD5
3250258d9f8f2911c6d4f47b8530ecd0

SHA1
cd6b67d3b19be388b85ebec5be710ec64f8ee9bb

SHA256
03393c6bd579da9cd278dcc3b59aec4c92eea8e00536a2f1a19465f73d61b617

SHA512
b15153bc3bf9c2b2e63e9e1cd16f25025a1b1c710b3f6934de9beb3923c5fc935fb4d9a485254a838f19d837dd9605cb0f7356b31edcfad3b8025b27daf2ee49

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
856B

MD5
426de952c73f1cda56d40459cac5e518

SHA1
4eccc1a77137dc556046ee4c27ee849e5c86f0a3

SHA256
134c7bffdaef73dd48a3391bbc315f9c1672343ee9cac8aca9e1d900f6fdef0b

SHA512
83c310113f92080e174a8450245384ad298b867186c3e3f0dc52aae25c44419a6e8800bd71e912ade80f2ce0254eae5fe38b61651990aa853cbef8f27747779c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
ced01e7bd8ed3ea556e87a4c9e4386d8

SHA1
72ee0fb448932f8401b16a306ef2a31edb495937

SHA256
482ad34e98fd2c5d25b8acadc80b09278733f0c3fed28c498597246d76303dd6

SHA512
288a255854eaf290b9fbf036ce44621a7c35b38cc65ccdad19ef2cbc5760647a027c2aea51e12c32943a5e824a9eb42f434f9d2a824fa906e98c0eef47c21486

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
cbc2fc81f9853398e30fd68319e52d9a

SHA1
a05efdfbff60d66390d118e4f879384497812ba8

SHA256
a9dd9d400dad0af672f4b1b03d58ba06912eacd97cbd3ce55bcdb1e43d2f3d98

SHA512
c583b74476ce334be8fa98676d9af495cf4c013a6b4ec0517fb126b86a1d17cb2f92cd6c59e11e2b5e356a23dc6318e41fb2d70b0acae2c4173188e5e8102de7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
79edd34bcc968fccc068d95efef33ba3

SHA1
6986d4b40e391589da0f5de8f440ba8c954ff736

SHA256
160409ff035aefc8e78e8dfbab81697889f7a3e7e350e87d3f95e18f8822a193

SHA512
f63948fc81948814ce9ad8da4202acb1b05a2ff9adc8705b3874dcc486891af810dd70841e63e5d56b2209f9dd5c3b0254757993ea04e61f1c4f2dbfc285098e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
212KB

MD5
e9f1a0c924b23973550cc76b1ba319a6

SHA1
065ed8ac63db09e0e6a5efde7f11f099aba7b83a

SHA256
3f52f87c18050b2bf40675a70b9d5ed9df38235dce7fa51fe883ccb366d852c0

SHA512
2336fb59d59dd6c43d327ee5c2bc30d38955a154ec99d3ce06f43f09213cf309ccc146fae8b23b993415c0fb50186049550b46d46845fc48ce2790641469b11c

Download Submit