hxxps://www[.]app[.]sogel[.]it/

Analysis

max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
30-09-2024 07:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.app.sogel.it/

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133721558013120145"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
5000	chrome.exe
5000	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 5000 wrote to memory of 2664	5000	chrome.exe	83
PID 5000 wrote to memory of 2664	5000	chrome.exe	83
PID 5000 wrote to memory of 808	5000	chrome.exe	84
PID 5000 wrote to memory of 808	5000	chrome.exe	84
PID 5000 wrote to memory of 808	5000	chrome.exe	84
PID 5000 wrote to memory of 808	5000	chrome.exe	84
PID 5000 wrote to memory of 808	5000	chrome.exe	84
PID 5000 wrote to memory of 808	5000	chrome.exe	84
PID 5000 wrote to memory of 808	5000	chrome.exe	84
PID 5000 wrote to memory of 808	5000	chrome.exe	84
PID 5000 wrote to memory of 808	5000	chrome.exe	84
PID 5000 wrote to memory of 808	5000	chrome.exe	84
PID 5000 wrote to memory of 808	5000	chrome.exe	84
PID 5000 wrote to memory of 808	5000	chrome.exe	84
PID 5000 wrote to memory of 808	5000	chrome.exe	84
PID 5000 wrote to memory of 808	5000	chrome.exe	84
PID 5000 wrote to memory of 808	5000	chrome.exe	84
PID 5000 wrote to memory of 808	5000	chrome.exe	84
PID 5000 wrote to memory of 808	5000	chrome.exe	84
PID 5000 wrote to memory of 808	5000	chrome.exe	84
PID 5000 wrote to memory of 808	5000	chrome.exe	84
PID 5000 wrote to memory of 808	5000	chrome.exe	84
PID 5000 wrote to memory of 808	5000	chrome.exe	84
PID 5000 wrote to memory of 808	5000	chrome.exe	84
PID 5000 wrote to memory of 808	5000	chrome.exe	84
PID 5000 wrote to memory of 808	5000	chrome.exe	84
PID 5000 wrote to memory of 808	5000	chrome.exe	84
PID 5000 wrote to memory of 808	5000	chrome.exe	84
PID 5000 wrote to memory of 808	5000	chrome.exe	84
PID 5000 wrote to memory of 808	5000	chrome.exe	84
PID 5000 wrote to memory of 808	5000	chrome.exe	84
PID 5000 wrote to memory of 808	5000	chrome.exe	84
PID 5000 wrote to memory of 1860	5000	chrome.exe	85
PID 5000 wrote to memory of 1860	5000	chrome.exe	85
PID 5000 wrote to memory of 4564	5000	chrome.exe	86
PID 5000 wrote to memory of 4564	5000	chrome.exe	86
PID 5000 wrote to memory of 4564	5000	chrome.exe	86
PID 5000 wrote to memory of 4564	5000	chrome.exe	86
PID 5000 wrote to memory of 4564	5000	chrome.exe	86
PID 5000 wrote to memory of 4564	5000	chrome.exe	86
PID 5000 wrote to memory of 4564	5000	chrome.exe	86
PID 5000 wrote to memory of 4564	5000	chrome.exe	86
PID 5000 wrote to memory of 4564	5000	chrome.exe	86
PID 5000 wrote to memory of 4564	5000	chrome.exe	86
PID 5000 wrote to memory of 4564	5000	chrome.exe	86
PID 5000 wrote to memory of 4564	5000	chrome.exe	86
PID 5000 wrote to memory of 4564	5000	chrome.exe	86
PID 5000 wrote to memory of 4564	5000	chrome.exe	86
PID 5000 wrote to memory of 4564	5000	chrome.exe	86
PID 5000 wrote to memory of 4564	5000	chrome.exe	86
PID 5000 wrote to memory of 4564	5000	chrome.exe	86
PID 5000 wrote to memory of 4564	5000	chrome.exe	86
PID 5000 wrote to memory of 4564	5000	chrome.exe	86
PID 5000 wrote to memory of 4564	5000	chrome.exe	86
PID 5000 wrote to memory of 4564	5000	chrome.exe	86
PID 5000 wrote to memory of 4564	5000	chrome.exe	86
PID 5000 wrote to memory of 4564	5000	chrome.exe	86
PID 5000 wrote to memory of 4564	5000	chrome.exe	86
PID 5000 wrote to memory of 4564	5000	chrome.exe	86
PID 5000 wrote to memory of 4564	5000	chrome.exe	86
PID 5000 wrote to memory of 4564	5000	chrome.exe	86
PID 5000 wrote to memory of 4564	5000	chrome.exe	86
PID 5000 wrote to memory of 4564	5000	chrome.exe	86
PID 5000 wrote to memory of 4564	5000	chrome.exe	86

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.app.sogel.it/
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:5000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff80f35cc40,0x7ff80f35cc4c,0x7ff80f35cc58
  2⤵
  PID:2664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2076,i,13243010318130639653,8683279789316519995,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2072 /prefetch:2
  2⤵
  PID:808
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1924,i,13243010318130639653,8683279789316519995,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2468 /prefetch:3
  2⤵
  PID:1860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2164,i,13243010318130639653,8683279789316519995,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2604 /prefetch:8
  2⤵
  PID:4564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3144,i,13243010318130639653,8683279789316519995,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3184 /prefetch:1
  2⤵
  PID:1988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3148,i,13243010318130639653,8683279789316519995,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3216 /prefetch:1
  2⤵
  PID:3248
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4552,i,13243010318130639653,8683279789316519995,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3720 /prefetch:1
  2⤵
  PID:2476
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4736,i,13243010318130639653,8683279789316519995,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4748 /prefetch:8
  2⤵
  PID:3552
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=208,i,13243010318130639653,8683279789316519995,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4932 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1572

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:396

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:3296

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
1592157da4b07a1ee70eed19fd644476

SHA1
c6c9e8f9404f4676d6e49ceb02af8803d2993cab

SHA256
feed838960dec7fd3788e61bafbd05d997a13449fe381beb03a9931fdc5597a9

SHA512
73993527cf2fa8a672a66b11f2dbb787e1e1155280afabe7aa719c2dd59732cbaa561997a9480ea364db2785d5209ecd13b079ad05cdaf63e257837e606e53c5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
e856604b276b7cc69ea466c23fa5bf1f

SHA1
44635eca5e84a38341fab3cc2f26c1f1c05f76dd

SHA256
356ad54c3f63fcc1bec33ba76b2372261ba9d5bf755dd7cc7df266019baf6428

SHA512
9d990c7dc478179fb232eb17fda1ea57d9c65ff1d18e7a914d2382d399e1cf8a4094949b49b94fa458af9760840debd8a30285a7520b8f8fc15999fc2fb47027

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
597e44f829788bd9c8f42170708606a3

SHA1
e8f61a1cee78dc4194680578e413be1804d4162a

SHA256
010bba2f772532ff76ae57356a248ab2ea0922282da3a55a439a7db6ab0a9aee

SHA512
c0d8b2b6491cadfccb1785a0bf34d6d369f47e8eda28cd75d3af6f67fe6a2ac3fd52b1fd42b9901083017acccf26861b8cb83f2c9356496fe838fdda95ba631a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
a72c00eb8881d5d936fb75d6477c8ad3

SHA1
5b24d24d9c58f7a656bdd7a1f17e2fc4d14d12a4

SHA256
d8f55e4fa407de7b9de91507c8d483dfd6b9e2fd835849dce3aeb36db472f18b

SHA512
efc1e70dff15adfb3531476a3a24ab71fd2b19c4c62285cd418b8310b05a2feb20105e64cf138efe5492142569a3462622f2da49ee5eac9f291c9c5219200a6c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
0d989cfbd20128a321cf1219c057990a

SHA1
cb81316740c797cac73c698fc0732201a3da3087

SHA256
2b69a82084cb9d0efb34a6f97c58a30ec24d5560aec091f13011ef4f8eed838a

SHA512
cfa22ae0d54691bc976baf1e8250f902b29f3f70e6cad37e7d54f06214c95d9a80e72ebb1d6c13ba4cd3d928659e841442135b22ad0ba7da2aa3768d3f8695d8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
8d6f6d6d794e373b3428f1338a2ae2c7

SHA1
46c2463859939d5f5b38ed96684610c2b7fdfa06

SHA256
9d797481ce53044dc13abd71ef65de1b0eaee1f20cb204e1c4bef8abbf875d82

SHA512
00e9efe785d8a6fa5f5e3543c674b7122dabe5b1be151a87f2745e76ac8988bca5dbdd481ed5ffe6e6f24ce3a2111385b3f4f3bbb013f7fb3abb389e481a739c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
3800ca101032fd40f10ef9658c192e41

SHA1
6301ca69e092bf051af9dbdfe8fed3d52b62b7bc

SHA256
822d7d1bffd3385403a2cd57ccc2b185f6722d87a4ab45a02f8cdef4fa697273

SHA512
bf3ddeef7a764ad78dd5e421b9fdf8858b01562d83b89a4caf6a44ba0b390a43152c4e58c93992cbb18624e01fe3eeb77f1451a9e2664f5e254b5f739bf8cfe9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
2c1dca5ed036aabdb2561346b06e6719

SHA1
49d6f007f5398abe4e207490e30eb64057bbef75

SHA256
1123ed3dfc1fba329506c8fa4217aaaaefeec8bf5fa087c0321e7ea63d49e5a9

SHA512
f551d3aad17be7922043aaf0eccd675428e5e7eb733771b49ee992d3b40b6a0f80870e044055e0f98ab71aaa5e08d1aa92d3c7e4efcfffb50b0db4be35666461

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
17fcac6b5bf0faf798e95074d820ad57

SHA1
46f51278a4075fc6acc6b343e46dd0e1032a4942

SHA256
bb14ed9f173d87cb6ee8878ac760314319706a9eb485275062c30a5c2e7a5b17

SHA512
69664a1db7acb337cab5f2696de6f5ed44fd21ccbaa23cd80ed2124457af1418e568da9f1ebfaf907f31d5a59c9dce2f510740e5ef0a94e037230b43a27ad6f3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
c35408974bcae81beadca4ddfdbf02d2

SHA1
b2adac0befb8bb826bc7855773bd16823d4fc9de

SHA256
660ab057104150956d4cc07ef405a56678750be4a621f974945ef6dcea4ab039

SHA512
ca3d0659f4ac252907517e5becf3632150e5a688ce284b3fdfa79272764fb3d93a46ea1998d665306e0f7aa7ff60b56612da810ee19f16ad4b5c09f7063fbdce

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
0b5d56f117b433b73279b87f561ee852

SHA1
774fa5354a6b740f117c2337da2dc3dd0d2be506

SHA256
7c54718f54e6a7d8317de8d1eb5c42ee2e828e59e3796a5e2cc0eb3d22e85846

SHA512
98d2f56b9a29efd1f211d2e0ad2c91563a289ed63309795e40c61d0de812a4dab439d8e310c5617ff9174cc95c2294dfe7da60b2f5b25f6f940efb1f5a050332

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
bf3e857f6eebcd0c4a8e42580ae9d48f

SHA1
192e5a3a3900d3fa02dafe4507ff12cf01abe419

SHA256
f6f394f836c76803bf3d65e03e1a9f13bcb78e75db0112ee991782fe2e6edfcf

SHA512
bf5e8b6f1e66ada2cd6aa67baf493317145fb20b275841bd2990eff5cec6e22a4d55f49024f15afedb80d3cf0d45164a5134fc30e781550300541ace3fab91ed

Download Submit