hxxps://goo[.]su/sukcw

Resubmissions

05/10/2024, 19:28

241005-x61hnszflq 10

05/10/2024, 19:27

241005-x6fs9svepg 3

Analysis

max time kernel
31s
max time network
44s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
05/10/2024, 19:27

Sharing

Copy URL

Twitter E-mail

Reason

Machine shutdown

Report Analysis Logs

General

Target

https://goo.su/sukcw

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2980	chrome.exe
2980	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 11 IoCs

pid	Process
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe

Suspicious use of AdjustPrivilegeToken 60 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2980	chrome.exe
Token: SeCreatePagefilePrivilege	2980	chrome.exe
Token: SeShutdownPrivilege	2980	chrome.exe
Token: SeCreatePagefilePrivilege	2980	chrome.exe
Token: SeShutdownPrivilege	2980	chrome.exe
Token: SeCreatePagefilePrivilege	2980	chrome.exe
Token: SeShutdownPrivilege	2980	chrome.exe
Token: SeCreatePagefilePrivilege	2980	chrome.exe
Token: SeShutdownPrivilege	2980	chrome.exe
Token: SeCreatePagefilePrivilege	2980	chrome.exe
Token: SeShutdownPrivilege	2980	chrome.exe
Token: SeCreatePagefilePrivilege	2980	chrome.exe
Token: SeShutdownPrivilege	2980	chrome.exe
Token: SeCreatePagefilePrivilege	2980	chrome.exe
Token: SeShutdownPrivilege	2980	chrome.exe
Token: SeCreatePagefilePrivilege	2980	chrome.exe
Token: SeShutdownPrivilege	2980	chrome.exe
Token: SeCreatePagefilePrivilege	2980	chrome.exe
Token: SeShutdownPrivilege	2980	chrome.exe
Token: SeCreatePagefilePrivilege	2980	chrome.exe
Token: SeShutdownPrivilege	2980	chrome.exe
Token: SeCreatePagefilePrivilege	2980	chrome.exe
Token: SeShutdownPrivilege	2980	chrome.exe
Token: SeCreatePagefilePrivilege	2980	chrome.exe
Token: SeShutdownPrivilege	2980	chrome.exe
Token: SeCreatePagefilePrivilege	2980	chrome.exe
Token: SeShutdownPrivilege	2980	chrome.exe
Token: SeCreatePagefilePrivilege	2980	chrome.exe
Token: SeShutdownPrivilege	2980	chrome.exe
Token: SeCreatePagefilePrivilege	2980	chrome.exe
Token: SeShutdownPrivilege	2980	chrome.exe
Token: SeCreatePagefilePrivilege	2980	chrome.exe
Token: SeShutdownPrivilege	2980	chrome.exe
Token: SeCreatePagefilePrivilege	2980	chrome.exe
Token: SeShutdownPrivilege	2980	chrome.exe
Token: SeCreatePagefilePrivilege	2980	chrome.exe
Token: SeShutdownPrivilege	2980	chrome.exe
Token: SeCreatePagefilePrivilege	2980	chrome.exe
Token: SeShutdownPrivilege	2980	chrome.exe
Token: SeCreatePagefilePrivilege	2980	chrome.exe
Token: SeShutdownPrivilege	2980	chrome.exe
Token: SeCreatePagefilePrivilege	2980	chrome.exe
Token: SeShutdownPrivilege	2980	chrome.exe
Token: SeCreatePagefilePrivilege	2980	chrome.exe
Token: SeShutdownPrivilege	2980	chrome.exe
Token: SeCreatePagefilePrivilege	2980	chrome.exe
Token: SeShutdownPrivilege	2980	chrome.exe
Token: SeCreatePagefilePrivilege	2980	chrome.exe
Token: SeShutdownPrivilege	2980	chrome.exe
Token: SeCreatePagefilePrivilege	2980	chrome.exe
Token: SeShutdownPrivilege	2980	chrome.exe
Token: SeCreatePagefilePrivilege	2980	chrome.exe
Token: SeShutdownPrivilege	2980	chrome.exe
Token: SeCreatePagefilePrivilege	2980	chrome.exe
Token: SeShutdownPrivilege	2980	chrome.exe
Token: SeCreatePagefilePrivilege	2980	chrome.exe
Token: SeShutdownPrivilege	2980	chrome.exe
Token: SeCreatePagefilePrivilege	2980	chrome.exe
Token: SeShutdownPrivilege	2980	chrome.exe
Token: SeCreatePagefilePrivilege	2980	chrome.exe

Suspicious use of FindShellTrayWindow 52 IoCs

pid	Process
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe
2980	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2980 wrote to memory of 2284	2980	chrome.exe	82
PID 2980 wrote to memory of 2284	2980	chrome.exe	82
PID 2980 wrote to memory of 2208	2980	chrome.exe	83
PID 2980 wrote to memory of 2208	2980	chrome.exe	83
PID 2980 wrote to memory of 2208	2980	chrome.exe	83
PID 2980 wrote to memory of 2208	2980	chrome.exe	83
PID 2980 wrote to memory of 2208	2980	chrome.exe	83
PID 2980 wrote to memory of 2208	2980	chrome.exe	83
PID 2980 wrote to memory of 2208	2980	chrome.exe	83
PID 2980 wrote to memory of 2208	2980	chrome.exe	83
PID 2980 wrote to memory of 2208	2980	chrome.exe	83
PID 2980 wrote to memory of 2208	2980	chrome.exe	83
PID 2980 wrote to memory of 2208	2980	chrome.exe	83
PID 2980 wrote to memory of 2208	2980	chrome.exe	83
PID 2980 wrote to memory of 2208	2980	chrome.exe	83
PID 2980 wrote to memory of 2208	2980	chrome.exe	83
PID 2980 wrote to memory of 2208	2980	chrome.exe	83
PID 2980 wrote to memory of 2208	2980	chrome.exe	83
PID 2980 wrote to memory of 2208	2980	chrome.exe	83
PID 2980 wrote to memory of 2208	2980	chrome.exe	83
PID 2980 wrote to memory of 2208	2980	chrome.exe	83
PID 2980 wrote to memory of 2208	2980	chrome.exe	83
PID 2980 wrote to memory of 2208	2980	chrome.exe	83
PID 2980 wrote to memory of 2208	2980	chrome.exe	83
PID 2980 wrote to memory of 2208	2980	chrome.exe	83
PID 2980 wrote to memory of 2208	2980	chrome.exe	83
PID 2980 wrote to memory of 2208	2980	chrome.exe	83
PID 2980 wrote to memory of 2208	2980	chrome.exe	83
PID 2980 wrote to memory of 2208	2980	chrome.exe	83
PID 2980 wrote to memory of 2208	2980	chrome.exe	83
PID 2980 wrote to memory of 2208	2980	chrome.exe	83
PID 2980 wrote to memory of 2208	2980	chrome.exe	83
PID 2980 wrote to memory of 5100	2980	chrome.exe	84
PID 2980 wrote to memory of 5100	2980	chrome.exe	84
PID 2980 wrote to memory of 1572	2980	chrome.exe	85
PID 2980 wrote to memory of 1572	2980	chrome.exe	85
PID 2980 wrote to memory of 1572	2980	chrome.exe	85
PID 2980 wrote to memory of 1572	2980	chrome.exe	85
PID 2980 wrote to memory of 1572	2980	chrome.exe	85
PID 2980 wrote to memory of 1572	2980	chrome.exe	85
PID 2980 wrote to memory of 1572	2980	chrome.exe	85
PID 2980 wrote to memory of 1572	2980	chrome.exe	85
PID 2980 wrote to memory of 1572	2980	chrome.exe	85
PID 2980 wrote to memory of 1572	2980	chrome.exe	85
PID 2980 wrote to memory of 1572	2980	chrome.exe	85
PID 2980 wrote to memory of 1572	2980	chrome.exe	85
PID 2980 wrote to memory of 1572	2980	chrome.exe	85
PID 2980 wrote to memory of 1572	2980	chrome.exe	85
PID 2980 wrote to memory of 1572	2980	chrome.exe	85
PID 2980 wrote to memory of 1572	2980	chrome.exe	85
PID 2980 wrote to memory of 1572	2980	chrome.exe	85
PID 2980 wrote to memory of 1572	2980	chrome.exe	85
PID 2980 wrote to memory of 1572	2980	chrome.exe	85
PID 2980 wrote to memory of 1572	2980	chrome.exe	85
PID 2980 wrote to memory of 1572	2980	chrome.exe	85
PID 2980 wrote to memory of 1572	2980	chrome.exe	85
PID 2980 wrote to memory of 1572	2980	chrome.exe	85
PID 2980 wrote to memory of 1572	2980	chrome.exe	85
PID 2980 wrote to memory of 1572	2980	chrome.exe	85
PID 2980 wrote to memory of 1572	2980	chrome.exe	85
PID 2980 wrote to memory of 1572	2980	chrome.exe	85
PID 2980 wrote to memory of 1572	2980	chrome.exe	85
PID 2980 wrote to memory of 1572	2980	chrome.exe	85
PID 2980 wrote to memory of 1572	2980	chrome.exe	85

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://goo.su/sukcw
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffacaddcc40,0x7ffacaddcc4c,0x7ffacaddcc58
  2⤵
  PID:2284
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1860,i,1785945722084742524,7898050435909164912,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1848 /prefetch:2
  2⤵
  PID:2208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2132,i,1785945722084742524,7898050435909164912,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2164 /prefetch:3
  2⤵
  PID:5100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2224,i,1785945722084742524,7898050435909164912,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2392 /prefetch:8
  2⤵
  PID:1572
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3108,i,1785945722084742524,7898050435909164912,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3136 /prefetch:1
  2⤵
  PID:4916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3112,i,1785945722084742524,7898050435909164912,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3400 /prefetch:1
  2⤵
  PID:1352
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4524,i,1785945722084742524,7898050435909164912,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3840 /prefetch:1
  2⤵
  PID:2384
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=3472,i,1785945722084742524,7898050435909164912,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4552 /prefetch:1
  2⤵
  PID:1936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4672,i,1785945722084742524,7898050435909164912,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4712 /prefetch:1
  2⤵
  PID:1252
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4880,i,1785945722084742524,7898050435909164912,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4904 /prefetch:1
  2⤵
  PID:4224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5060,i,1785945722084742524,7898050435909164912,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4640 /prefetch:1
  2⤵
  PID:3260
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5248,i,1785945722084742524,7898050435909164912,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5056 /prefetch:1
  2⤵
  PID:1552
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4428,i,1785945722084742524,7898050435909164912,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5736 /prefetch:1
  2⤵
  PID:1360
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5996,i,1785945722084742524,7898050435909164912,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5548 /prefetch:1
  2⤵
  PID:2848
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5272,i,1785945722084742524,7898050435909164912,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5200 /prefetch:1
  2⤵
  PID:4400
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6260,i,1785945722084742524,7898050435909164912,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5384 /prefetch:8
  2⤵
  PID:4688

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:4332

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
89f10307a4e87f78ad0b6081cd8e23f6

SHA1
a26e92f89231b60cbd742d0a259d63eebe2388d0

SHA256
dcf169dc4a6449c4cc490dbdb448505ec91dd219619f32496100649c259388b9

SHA512
5845e6b34d0effafa10ba9c5eded904c13af64128ce3a152a3c2cad9c6fa38b7358916a0948eb6288c9c9ead23bd5195e16c77c49971fb53d6ceabc1e276f0f5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
d9b9573419f957d8f4644f15b72be923

SHA1
fd2280afe52bcfd296e7f2b5f1d055d173c76755

SHA256
c4709169e8aa603c21e9024890034ab9b29bdc05eb685055e0b646d3d395930c

SHA512
ca5641321dc36447e22166abb83e80af6b709194223ede51df0738183bc0741389c11b4f33a2a59e9527cf3de8cb85d325dbc735cca11b83f22d579b3a3c7c5c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\09fb0752-b9c0-4386-8d00-959e3a821823.tmp

Filesize
2KB

MD5
7fb9848b16154f4e0c1d76f71bb23860

SHA1
d941b41a69833c285811d095966beea1dae018d2

SHA256
8560de60d3c7a4b05b46f841c4f13fb578e6ca3dea8152182940a6f7ca0f4921

SHA512
b068a21f436d9980fa345c12534e7a20af5e0641b3550549ab9583b5d66dcee5fe046fdcc6cc63e6b59ab5df74a67be91908b2cbe509e0f03892a1c043321d66

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
c237dad5528644e5dd8ad15e395c839a

SHA1
bdcd0f8a345f96eab0392075619206a6fca08043

SHA256
9fa56cd3cc1e67d514581327858bfc5117bd632975e5cf909c4cbac2184de01e

SHA512
edb2245212fb287bc6ecd9e025f2bb47564dcd73f462d9b7d9673994103413071661333f6c344d54c9d7bafa1d35d37124f0af008995534b36e25086e9352e29

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
137b3c223e11e8b2d2426baa6e09f4e6

SHA1
74d36c652debd4f7be6a10e0372903c73dba7d29

SHA256
036472f8f245abdd81cab946855ee1039653f05a9d6e311fb405f9d11e9df8ec

SHA512
54026fcfcd2d51e26556cfa5bdaf607ae247151217a0f3f79bbd505efce9981ae40586e0b334e73b5780c62c93ef74812d6c4d5f9aae0358e08d2670d72de67e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
0eae16c0fe4f9c266c77fd31b0a6c226

SHA1
1a1f19975d3f30e3538f0b6356a33ba59c4dddc9

SHA256
c37a883a1215711f8b1ff38c0f4bb5259d14b5c2753bffb623a0be3ba362a20e

SHA512
8672732a80fcb2390f63a265ed279ae43c235c199d9aca6b4c66c2e09b1c1de873f4b5ad0fe1b37f48db2b81bf27a343a1cb130f2d92ecd937d31279ae0b3720

Download Submit